In today’s educational landscape, universities and colleges face distinct identity and access challenges unlike those encountered in retail and other commercial environments. And while retail, financial services, and the like are generally viewed as higher-risk from a cybersecurity point of view, the risks to higher education are just as critical. In fact, higher education “accounts for 17 percent of all reported data breaches, ranking second only to the medical industry,” according to Privacy Rights Clearing House. In this first post of our two-part series, we will take a look at some of these challenges that are unique to higher education.
Universities and colleges handle massive amounts of sensitive, personal information. Such information includes student, staff, and faculty contact information, as well as financial and credit data and even protected health information. Tasked with the protection of so much confidential data, institutions must adhere to an array of compliance requirements, including FERPA, HIPAA, GLBA, and PCI-DSS.
One of the major pain points when it comes to both security and compliance is the college or university’s identity and access management (IAM) system. Outdated IAM systems exacerbate the challenges that these schools already face. Such challenges include:
Users with Multiple Roles and Access Levels
Users in commercial environments tend to hold a single role and have a single set of access privileges. While their user privileges may change over time as they change jobs, it’s uncommon for a single user to hold more than one role at a time. This is not the case in higher education, where students may also work as staff, faculty may also be enrolled as students, and faculty and graduate students are often also alumni.
Your users tasked with remembering and managing multiple user credentials for their educational and work activities will inevitably need help resetting forgotten passwords or dealing with their user experience issues. Increased support calls create a heavy burden on your help desk. You’ve likely also encountered data synchronization problems caused by multiple accounts, including users getting incorrect permissions that need to be fixed – again, by your overburdened help desk staff.
Modern IAM solutions, designed with higher education in mind, can overcome the challenges of multiple user accounts by intelligently detecting individual users with multiple roles and merging those roles into a single, unified account. This can cut your help desk burden significantly, as users only need to remember a single set of credentials for all their activities.
Increasing Use of Technology in the Classroom
For universities and colleges, IAM challenges don’t stop on registration day. The growing use of technology in the classroom as a recognized learning tool means that digital content, collaborative tools, and online file-sharing and management solutions are now commonplace in colleges.
Higher education mirrors business in its growing reliance on technology. And just as in the commercial environment, without robust IT-approved applications and a good user experience, shadow IT can run rampant, leading to exponential growth in security vulnerabilities. IAM features like single sign-on, automated provisioning to approved applications, and self-service password creation and reset can go a long way toward streamlining and securing the use of technology in the classroom.
Limited Budget and Manpower
Compounding the problems described above is the already overburdened college IT department. The complexities of account provisioning and deprovisioning, custom scripts and workarounds for multiple roles held by individual users, and the need to give access to a variety of learning applications and other classroom tools can be too much for an already thinly stretched IT department to handle. Add in user errors and the help-desk workload can become overwhelming, increasing the risks for yet more mistakes to be made.
The solution to these problems is a modern IAM system that does away with many of these challenges by automating tasks, such as account provisioning and configuration. Modern IAM systems that can detect and appropriately connect disparate accounts belonging to single users drastically decrease IT workload. Ideally, IT should automate as many manual, lower-value tasks as possible, leaving time and manpower free to monitor for problems, rather than simply set up accounts.
Modern IAM systems also provide a superior user experience. Today’s users have high expectations for their technology and expect it to make their lives easier rather than harder, especially considering that technology is a key touchpoint for how users engage with their schools. The key, though, is to rely on technology that enables the university’s IT department, rather than adding another responsibility to the team.