Jan 21 2021

How to Choose an Identity and Access Management Solution for Higher Education

Here are some key factors IT leaders should consider before selecting a new IAM platform.

From a string of high-profile ransomware attacks to the compromise of SolarWinds network monitoring tools, higher education continues to find itself vulnerable to attackers. To defend against a dizzying array of threats, university cybersecurity leaders must focus on building a defense-in-depth approach that addresses more risks.

One solution is an identity and access management system, which resides at the center of cybersecurity strategies. It provides the core identification, authentication and authorization services to create secure technology environments.

Identity and access management solutions have a long history in higher education. However, IAM’s overlapping roles — as well as inconsistent access requirements among students, faculty, administrators, alumni and partners — can make this technology’s adoption challenging. The unique needs of colleges and universities often stretch the limits of IAM design, which were mainly created to support traditional firms.

For this reason, colleges and universities have historically built their own IAM systems, relying on institutional expertise to create technologies custom-tailored for their environments.

This homegrown approach has served institutions well for decades. However, higher education’s emerging reliance on hundreds of cloud services has pushed the teams maintaining these solutions to the brink. IAM teams across higher education can struggle to keep up, as several new integrations are in demand each year.

MORE ON EDTECH: Learn more about replacing your on-premises IAM with a cloud solution.

Commercial IAM for the Cloud Environment

Many technology leaders now recognize that commercial IAM solutions can better keep pace with the cloud’s fast-changing environment. To better serve students, faculty and administrators, the time has come to adopt more efficient systems.

Technology professionals studying the IAM vendor landscape face an enormous decision. It will be a massive undertaking to implement the IAM platforms they choose. Once in place, IAM will play a pivotal role for an institution’s cybersecurity program for years to come — if not decades.

To assist university IT leaders with this decision, here’s a look at some key factors to consider when selecting an IAM platform for higher education.

Scrutinize Vendor Reliability

IAM platforms join Infrastructure as a Service providers, networking vendors, and database platforms at the heart of an institution’s technology stack. A failure in any one of these critical components could bring an institution to its knees. In fact, the instability of homegrown solutions is often one of the driving forces behind a move to adopt a commercial IAM platform. When the IAM system goes down, students, faculty and administrators find themselves unable to log in to any systems.

For this reason, teams must carefully scrutinize the operational credentials of vendors under consideration. Negotiate service-level agreements and look beyond the text at the vendor’s track record and architecture. Do the promises the vendor makes in agreements seem viable in light of the state of the technology? Does the vendor have a track record of successfully managing operational issues?

Assess the Breadth of Integrations

The rapid pace of adopting new cloud services is another critical factor that drives the adoption of commercial IAM platforms. Teams find themselves stretched beyond their limits as they keep up with the demands of integrating newly adopted services.

But commercial platforms come pre-built with hundreds of integrations for popular services. Analyze the array of existing integrations against the services used by your institution. How many of your current services are covered by the candidate out of the box? How many will require custom development work?

In addition to examining your existing services, get a sense of the pace of development for new integrations. When new services become popular, how quickly does the vendor release an integration? Is it likely that new integrations will become available before you need them? This can help IT departments avoid time-consuming manual integrations.

MORE ON EDTECH: Learn how AI is making room for innovation by automating IT tasks.

Consider the Ease of Use

The IAM platform resides at the core of technology infrastructures. However, in an ideal world, users should be barely aware it exists. How seamless is the IAM technology? Will users rapidly adopt it? In particular, how convenient is the multifactor authentication experience? If you continue using your existing MFA approach, will it integrate seamlessly with the new platform? If you migrate to the MFA technology offered by the IAM platform, can you accomplish that migration with minimal inconvenience for users?

Make sure you consider the ease of use for the technologists operating the IAM back end as well. Is the administrative interface intuitive? How well does the platform integrate with other components of your cybersecurity program?

Commercial IAM platforms offer educational institutions a variety of important benefits. Institutions that have not already migrated away from homegrown approaches will likely do so in the coming years. The selection of a new IAM platform is a decision that will affect an institution for years to come. Technology leaders should treat this migration with the attention that it deserves.

PeopleImages/Getty Images