It’s well known that for some time both Microsoft and Google provide free email hosting services for “.edu” domains, but it’s not until recently that the playing field has leveled off. Google has arguably had the advantage since the beginning due to the fact that even if the place of learning in question provided services little more than SquirrelMail students could sign up for, and productively use, Gmail and Google apps on their own. Until the latter half of last year this wasn’t possible on the Microsoft side; the granting of student and teacher access was beholden to the school’s IT administrative staff. Since this is no longer the case, uptick in adoption has increased exponentially, and even lead to its own problems. Those initial aside the tide may now sway in favor of Microsoft as their Office suite has long reigned king of productivity and is now at the fingertips of a million plus new subscribers.
So what does this all means for today’s IT decision makers? At first glance it may appear to be a blessing; converting to a self-service model usually reduces administrative overhead, right? The answer is of course yes but there are significant disadvantages for any institution seeking to implement effective identity management.
In a typical education setting Office 365 accounts are only distributed after multiple forms of identification are furnished. Since the institution trusts the accuracy of their data, using it to automate account management and access in other systems becomes possible. This is increasingly important as communication between institutions and students continues to increase in quantity whilst shifting more and more towards electronic mediums. New demands have surfaced as a result of email communication criticality, it’s morphed into a jumping off point for access to many other IT services.
The common denominator to date is four distinct categories with a variety events that trigger as they are progressively reached: applied, accepted, enrolled, and hold; the action, trigger, and reason for each is then described.
ACTION: After being successfully processed by the institution the student’s application is manually created as a “record” in the database of the school’s student information system with the status set to “applied”.
TRIGGER: Provision email account
REASON: Establish and verify identity with a reliable method of communication
ACTION: Upon acceptance by the review board the status of the record in the student information is manually changed to “accepted”.
TRIGGER: Create Active Directory user account
REASON: Grant access to WIFI and local logon within classrooms / labs
ACTION: Student sends their intent to attend the institution, once received the status of their record in the student information system is manually set to “enrolled”
TRIGGER: Provision account in the Learning Management System (LMS,) e.g. Blackboard, Skyward, Schoology, Canvas, Haiku.
REASON: Allow student to browse available courses and manage class schedules
This category is unique amongst the four as it’s generally state based; applied, accepted, and enrolled are mutually exclusive as a student is really never more than one of those things at the same time. As such a hold is either “applied” or “removed,” different actions and triggers are associated with each.
ACTION: Student fails to pay their bill and the account goes past due, the record in the student information system is automatically set to “Hold”
TRIGGER: Disable Active Directory and LMS accounts
REASON: Variable, the most common being past due bill
ACTION: Student finally pays their bill after the account has gone past due, the “hold” status is automatically removed from the record in the student information system.
TRIGGER: Enable Active Directory and LMS accounts
REASON: Variable, the most common being past due bill has now been paid
This process sounds difficult to manage because it absolutely is; believe it or not many organizations are still handling the administration of it manually and/or via scripting. Tools4ever’s identity management platform is adept at automating these processes in full. Give us a call and discover how we can streamline your unique processing scenario.