December 2007 — News
Print this article | Email this articleClick here to receive your FREE subscription to T.H.E. Journal
How a Security Play Streamlined a Business Process in a Texas School District
The entire process would take five or six days. A new student wouldn't be able to access the district system until he or she received the user name and password. For each activity, multiple forms would be generated, to inform staff members throughout the district that a particular person had been added to the network. If a student's name changed, updating that would be a manual process. Likewise, each year as seniors graduated, IT staff would have to go in and manually purge their accounts from the system.
A 90% Drop in Staff Time
Now with Identity Manager, said Berger, the minute a student is enrolled in a school, one of the questions asked of parents is if it's OK for the child to access computers. "If they say, 'Yes,' then the registrar in the front office puts a 'Yes' in our student system. Within seconds, it feeds through our network ... and automatically starts to create an account. It's pulling all the information from the student system so it knows what grade they're in, what their name is, and all that kind of information."
That five-day process is now completed in five seconds. Berger estimated that the amount of staff time used to manage user accounts has dropped by 90 percent.
The automation has enabled the IT organization to move to self-service password management so that users don't need network administrator intervention to retrieve or change passwords. That in itself, said Berger, is a boost to computer security for the district.
"I have 3,400 students and a teaching staff of 500. We have all their personal information just like a corporation would in our database-- everything that people would need for identity theft. We have to secure and protect you from that theft everyday, just like big companies do. But, we don't think about that in education."
In the past, he said, he would have put that password information on a piece of paper to forward to the student. "So there is the chance of other people getting that login information before it gets back to Johnny. Now it's all automated.... That makes our end users more efficient and compliant to the district's security policy while also saving the IT staff time and resources."
The district uses Skyward for its student administration. The hand-off of data between applications is handled via SIF, the School Interoperability Framework, an XML specification for modeling and sharing educational data followed by multiple vendors.
When somebody is added to the system and some piece of data is left out, such as association with a specific school, the software places the record into a "holding tank"--a non-production tree in the directory tree structure. A network administrator receives an e-mail specifying the problem and calls the office to get the missing details. Once that's added, the system automatically moves the student into the production directory.
