Although you may not be familiar with access governance, there have been an increasing number of implementations of the technology in schools the past three or four years. While not classroom technology, these solutions ensure student’s access to technology in the classroom. Without some of this technology infrastructure, students would be unable to use school-provided devices or even access basic information systems.
Through the use of such solutions, many access issues are resolved, meaning fewer disruptions during classroom time and after hours when they might be locked out of their school’s web access. Access governance also mean the school administrators know who has access to what, when and where with a simple click, and can better manage student accounts, and student access privileges for various systems and platforms through your school’s environment.
So, how is this technology so powerful for schools and their ed tech efforts?
Schools face a number of account management issues and how they can easily manage user accounts and user access without needing a full-time employee to spend hours creating and editing student accounts before each term or school year. An automated account management module allows this process to be hands off.
More speed and more security
School administrators may employ different student information systems, and the automated account management solution allows these SIS systems to be linked to all other applications and systems that the school uses -- Active Directory, library systems, electronic learning environments or a wide variety of other systems or applications. When a student’s information is entered into the SIS, all connected systems are automatically updated. As an example, when a new student begins at the school, their information is entered into the SIS and an AD account, Gmail account, eSchool account and a shared drive are created for them.
This ensures that on the first day of class the student has all the correct access and resources that they need to engage in their learning needs. The student is able to jump immediately into the learning environment without delay or lack of access to classroom devices and technology, like tablets and other assigned learning devices. Without this immediate access, students are unable to join in the learning action with the technology required of the setting.
Likewise, then, when students must work outside the school’s environment – from home or on the go – schools can provide a single sign in credential that keeps the student signed into all appropriate systems with one single password or access code. The means that each individual student creates their own unique code and uses this one code to gain entrance into every school-sponsored system. Once they sign into their profile and provide the pass code, everything the student needs to access, based on what the school’s administrators determine the student should have access to, is opened and ready for use.
This also means more security for the user because they have just the one code to remember unlike people who must try to remember a dozen or more codes and must write them down to do so. The point here is that with fewer access points (and pass codes) to manage, each of the student’s devices are more secure because there is less fear in having to remember or jot down these credentials.
And, if the one pass code is compromised or needs to be changed, the student can do so easily and simply on their own at any time, often through the use of their school-sponsored connected device.
For students who are working outside of the school’s network on mobile devices, which is the norm today, a web or cloud single sign-on portal can be a major benefit for them and for the school. Students can simply log in to a portal where all of their systems and applications are located then they only need to enter a single set of credentials to authenticate themselves, and thereafter can easily click on the icon for the application they want to use. This allows them to easily access all of the applications that they need from whenever and whenever they are working.
Two-factor authentication can be added to SSO to ensure additional security. For example, teachers handle a lot of sensitive information, so they wouldn’t want someone to be able to easily access their applications. Two-factor authentication can be added so that a teacher might be required to enter a password, as well as a PIN sent via SMS for extra security. Two-factor authentication can be added to all accounts or just a particular group of users for enhanced security.
Another solution that can be easily implemented and used to manage password issues is a self-service password reset solution. Since students often work outside of the operational hours of the helpdesk, a self-service password reset solution allows them to easily and securely reset their password themselves at any time without contacting the helpdesk. The student simply provides the correct answer to a security question that they previously answered and can then reset their password. This not only makes the student’s life easier, it also drastically reduces the amount of calls that the helpdesk receives.
Overall, access governance solutions allow system administrators to easily manage student and staff user accounts and passwords, as well as provide students with self-service methods to handle password resets. If a school IT leader decides to implement a new application or technology piece for student use in the classroom, it can easily be implemented and managed. They simply need to have their automated account management solution connected with this technology and can then automate and easily manage the accounts without needing to manually manage them.
Dean Wiech, managing director of Tools4ever
Image Credit: James F Clay / Flickr