Rostering and Identity and Access Management: Bridging the Gap Between Convenience and Security



*Disclaimer: This article originally appeared in EmergingEdTech, Administrative Solutions posts

School districts throughout the country rely on technology today more than ever before. At many districts, laptops and tablets are standard-issue equipment for students as young as second grade-level, and they must be compatible with campus networks as well as in the home. With a growing number of curriculum applications required at all grade levels and heightened concerns regarding student data privacy, school administrators should seek out data rostering solutions that are part of a greater identity and access management (IAM) solution, as opposed to a point solution.

What is Data Rostering?

Providing application vendors with the necessary hierarchical data to deliver curriculum and classroom management services to the right students and teachers can be an incredibly complicated and time-consuming process. In addition to supplying a roster of instructor and students grouped by class, logins typically require linkage to a user’s course, grade level, and school building. What’s more, vendors often have different formatting requirements and templates for transmitting data, further compounding the time and resources needed to upload roster data and keep it up-to-date.

For many school districts, fulfilling this request is still a manual process where teachers enter the data into multiple textbook vendor systems, one student at a time, at the beginning of each school year. This process can take multiple weeks and hinder the time spent actually learning when students are delayed access to needed resources. Furthermore, rosters are not static, meaning students change classes and campuses throughout the course of a school year. If updates are not properly managed, inflated license counts can lead to additional costs.

Rostering solutions allow campus IT administrators to streamline and automate the data rostering process, ensuring painless curriculum delivery. These solutions pull up-to-date student roster data from Student Information Systems (SIS) put it into the various formats required by vendors. Through a variety of exchange standards, the data is then synchronized to the target systems on an ongoing basis. Roster information remains up-to-date, ensuring the correct number of licenses are assigned to the correct students and helping to control costs. For example, if a student makes a course change, roster data is automatically updated in vendor systems, so the student gains immediate access to updated curriculum resources.

What are the Risks of Rostering Vendors?

Anytime and anywhere students or teachers are connected to the internet, they are at risk of falling prey to cybersecurity threats, such as data breaches, ransomware attacks, and phishing schemes. Most recently, ransomware has become a prevalent threat to municipalities and government bodies, as highlighted by the Baltimore ransomware attack that crippled the city’s ability to process utility payments and schedule court appearances. As school districts often have outdated cybersecurity infrastructures, similar attacks are increasingly a threat in education. In addition, as more learning tools come online, parents expect assurance that their children’s identity data is in safe hands as districts make strides toward Family Educational Rights Privacy Act (FERPA) compliance.

As roster data is very closely associated with identity data, there has recently been crossover of data rostering vendors into the identity space. While this might not seem like that far of a stretch, rostering solutions were designed for sharing hierarchical information with digital curriculum vendors and not to handle the complexities of securing identity data or meeting compliance regulations.

Why Select a Rostering Vendor with Roots in Identity Management?

School districts must have processes or solutions in place for managing identities, as well as managing rostering data. For organizations looking to outsource the data rostering component, finding a vendor that can fulfill both of these needs is often the ideal choice. This is where choosing a vendor with roots in identity and access management offers important advantages over data rostering vendors that have crossed over into the IAM space.

First and foremost, IAM solutions that also offer data rostering capabilities successfully bridge the gap between these two needs, without sacrificing security. These solutions were purpose-built to address the security complexities associated with managing identity data, while also offering robust identity management capabilities that go well-beyond those of data rostering solutions.

For example, modern IAM solutions can automate most identity lifecycle management tasks for students, teachers, staff, and external users. Students can automatically be provisioned with access to the correct resources based on their grade level, teacher, or class using role- and attribute-based access controls. Such functionality is especially important at the beginning of the school year, when it could otherwise take IT staff weeks or even months to complete repetitive tasks, such as creating new accounts and assigning privileges for students and new staff.

IAM solutions also give students and teachers the benefit of using single sign-on (SSO) to access a variety of applications, rather than entering a unique password for each. This enhances the end-user experience by streamlining the log-in process and minimizes the classroom distractions associated with managing password issues and resets.

Combining Data Rostering and IAM

A comprehensive IAM solution that automates both data rostering and identity management streamlines data roster management, while simultaneously providing the enhanced convenience, security, and capabilities of an IAM solution.

Combined rostering and IAM solutions ensure secure access from day one, avoiding what often adds up to weeks of painstakingly assigning each application to each individual user. With a combined rostering and IAM solution, IT teams are able to implement applications in significantly less time and require less resources – freeing up more time for learning activities. In addition, IAM solutions can be efficiently deployed across districts that operate thousands of devices for students and staff. Most of all, combined rostering and IAM solutions offer stronger data security as most IAM services are historically focused on cyber defense.



Subscribe Here!