The education market has a lot of challenges when it comes to identity management. With a constantly rotating group of students, extremely limited budgets, and faculty and student networks, IT admins in the education sector trying to control access to their networks have a challenging situation. In fact, approximately 4 million public school students were expected to enroll in 9th grade in the fall of 2017. That’s a massive amount of traffic to keep up with, and that’s just public schools alone. This traffic comes a tremendous amount of work for IT admins as well. With the need to deactivate graduating accounts, create and set up new accounts for new students, connect students to the network, and much more, IT admins certainly have their hands full. These tasks can take up weeks of IT admins time, preventing them from working on other areas of the infrastructure. The good news is that a new generation of identity management for education is making the education IT challenges much easier to solve.
WiFi Needs in Education
There are a wide range of schools in the education sector. They can include K – 12, private schools, and higher education, and each of these types of schools have significant, and varying IT needs. There isn’t an educational institution on the planet that isn’t interested in leveraging new types of technology to support their teachers and students. Examining the needs of these education institutions can help identify the best solutions to implement.
Perhaps the most basic need of IT in the education sector is the ability to tightly control access to the WiFi network. The core reason for this is that most educational institutions separate the faculty network from the student network. This can be an important distinction for security reasons. Generally, it is easier to obtain access to the student network but, with K through 12, it is still important to control what students can access. The faculty network, on the other hand, needs to be more tightly secured. The network needs to be cordoned off from access by students or others to ensure that sensitive information is protected.
Some institutions have tried having a shared password for the student network, and a more secret shared password for the faculty network, but this is hardly effective enough. It is all too easy for the password to get out, and when that happens it is far too easy for attackers to see who is doing what on the network.
One potential approach to solving this problem is to leverage a core identity provider that houses user identities of those that can access the network. Then, when end users and faculty attempt to access the WiFi network, a RADIUS server ensures that the user is who they say they are by requesting credentials. Those credentials are, of course, the same as those housed in the directory service. The benefit of this approach is that whether the person is accessing the student network or the faculty one, they are required to produce their credentials to gain access. In addition, with each user having a unique login, it is much easier to have visibility into who is doing what on the network.
A RADIUS server is not incredibly new, however. The problem with it is that for most IT organizations in the EDU space, it is a significant challenge to be able to implement, manage, and keep secure. Add in the budget pressures of running the network and keeping it secure, and you can start to understand why identity management in education could easily take a back seat.
So is there another route for admins to take?
Cloud Identity Management for Education
The answer is yes. A new generation of cloud identity management solutions is emerging to enable IT organizations to solve this problem. There isn’t any hardware or software to purchase, and with aggressive discounts for educational institutions this cloud directory can be easily and quickly implemented as the central identity provider. Plus, due to its innovative offering, IT admins can also implement its cloud RADIUS platform to authenticate user access to the various networks on campus. This means that admins no longer have to deal with the hassles of shared passwords or tedious on-prem RADIUS servers. Called JumpCloud® Directory-as-a-Service®, this centralized cloud directory platform enables user access that is easily configured and controlled.
But that’s not all. As a full-fledged directory, admins also have access to a plethora of other management tools. In fact, Jumpcloud Directory-as-a-Service can connect users to their systems (Mac®, Windows®, Linux®), applications (LDAP, SAML), files (Samba, NAS, DropBox®, Box®), servers (AWS®, GCE™, on-prem), and networks. It’s the full cloud identity management solution IT admins in the education sector have been looking for.
Want to learn more about identity management for education? Reach out to us. We would be happy to answer any questions that you might have. Alternatively, if you would like to test the directory yourself, sign up for a free account. We offer 10 users free forever, without even requiring a credit card, so you get a perfect opportunity to test JumpCloud Directory-as-a-Service to the full extent. You can also sign up for one of our live demos, where you can ask questions throughout.
The education sector has enough challenges. Get cloud identity management for education and see how much easier your environments can be.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: Blog – JumpCloud