The AWS re:Invent 2013 experience
A comprehensive collection of articles, videos and more, hand-picked by our editors
Educators often preach the importance of aiming high, and that is exactly what is happening in North Carolina. In fact, the state's education system is reaching to the cloud to provide students, teachers, staff and parents access to learning resources.
A survey of charter schools in North Carolina revealed that identity management was a universal struggle, said Samuel Carter, customer, operations and systems specialist with the Friday Institute at North Carolina State University. To fix that problem, Carter helped create and implement the NC Education Cloud initiative. He is scheduled to describe the project in a session at AWS re:Invent 2013 in Las Vegas.
The NC Education Cloud program is designed to provide members of the K-12 education community access to teaching materials through a reliable cloud-based identity management system that requires only one username and password combination.
"Most students have four to six accounts to manage, and the teachers and administrators have many more than that," Carter said. "As more and more educational resources move online, that number is going to continue to increase."
Clearly, it would be valuable if there was a way to reduce the number of username and password logins each student has. Based on that information, Carter said, the IAM Plan was initiated to appropriately articulate, evaluate, and solve the problem.
Choosing the right cloud-based system
We didn't go off in a vacuum and build this; the end users, the customers, have been involved all along.
Selecting the appropriate identity management system wasn't a task to be taken lightly, given that it would affect the entire state. In addition to contemplating building its own cloud-based infrastructure, Carter said, approximately 40 vendors were taken into consideration.
Ultimately, it was determined it would be more cost-effective and a better user experience would be provided if an identity management system was purchased as a service. "At the time we were considering this, we looked at the landscape of what was available and it just made more sense to do it as a service," Carter said. "That way, we don't have to worry about the infrastructure and maintaining it. We just subscribe to the service and let someone else have that responsibility, so that our primary focus is on the users."
Some of the identity management system contenders included: Microsoft, IBM, Oracle, Symplified, Identity Automation, Verizon and Mycroft. To dwindle down the lengthy list, an evaluation was carefully performed. Some vendors were written off after information posted on their websites was reviewed; others that appeared to be a better fit were interviewed. A team of six individuals, including Carter, rated each vendor based on a variety of criteria including:
- Proposed technical plan
- Plan approach and timeline
- Relevant experience
- Financial stability
- Personnel experience
While some vendors offered nice software, Carter said their lack of experience supporting education clients was an issue. There is some overlap with healthcare and insurance services requirements, for example, but there are unique needs in the education field.
"One of the primary differences is the age groups. In many corporations you are dealing with adults. In education, you are working with students as young as 3 years old, and the way you present and manage identities and log in with them is very different than for IT professionals," Carter said. "The interfaces you put in front of students have to look and feel very different than what you'd put in front of someone else."
Identity Automation won the bid to build the cloud-based identity management platform. Carter said the vendor is providing two key elements that can't easily be found elsewhere. The first is identity management as a service, and the second is the ability to manage such a large number of identities. "Those two things are unique," he said. "The actual technology under the service, the mechanics, [is] very traditional."
Identity management system advice
Improving mobile security with identity management
Best of identity and access management
Guide to identity management
While the cloud-based identity management system hasn't deployed, Carter is confident the implementation will be smooth. Three months were spent on the testing phase, and thus far, everything has been going according to plan, he said. He credits the seamless transition to careful planning and organization, which included meeting with school representatives to ensure the system will meet their needs.
"We didn't go off in a vacuum and build this; the end users, the customers, have been involved all along," Carter said.
About the author:
Maxine Giza is associate site editor for SearchSOA.com. She can be reached at email@example.com.