For schools, budgets are always tight. Add to that strict regulations and reduced financial support from local and county government, and they are under enormous pressure to operate efficiently.
One solution many districts are using to reduce budgets and streamline efficiencies is automating user accounts of students and staff. Countless schools throughout the U.S. are using simple solutions to manage the thousands of user accounts they create at the beginning of each session and host throughout a term.
Hutto School District in Texas implemented a user management resource administrator (UMRA) system to automatically manage user accounts including password re-sets, saving the district an average of three hours for each help desk request generated by a user.
North Hunterdon-Voorhees School District in New Jersey uses a similar UMRA to automate the process of provisioning and de-provisioning student user accounts so that its internal IT department no longer spends countless hours performing password re-sets and managing the deluge of daily helpdesk tickets related to account access issues.
And Murray Independent School District in Kentucky uses an UMRA to maximize efficiency while receiving less funding, said Rusty Back, the school’s CIO.
“Before we used the user management resource administrator, I manually managed the creation and deletion of user accounts,” Back said. “These tasks took up most of my time, and the demands placed on IT continued to increase. We needed processes that would allow me to perform other, more important IT duties.”
User management systems allow IT staffs the power to push password reset abilities and account modifications to the staff via a web portal. The web portal lets faculty and staff reset student passwords without having to wait for an IT staff member to fulfill the request. And because passwords can be reset by the faculty and staff, there is little to no down time for students.
Educators seeking alternatives to hiring additional staff to manage user accounts can find automated solution like UMRA to create, change and delete user accounts for both students and staff, replacing manual execution of account creation.
Travis Brown, Network Administrator for Hutto ISD said, "The user management resource administrator software saved our district considerable man hours and resources by automatically managing our user accounts in Active Directory. We began saving time and money immediately."
The systems automatically synchronize data between the student information system, the campus and Active Directory, eliminating the need for manual redundancies or needless hours spent managing user accounts by members of the helpdesk staff.
The software manages bulk user creation, modifications and deletions for the district. What was once a manual process can now be automated and run daily within a school environment. Data is pulled from the cloud and synced with the school’s Active Directory at each project run, ensuring user accounts are up to date and that Active Directory is clean, organized and has a consistent folder structure.
“The software saves us from having to do manual scripting and spending resources on tasks that can be automated,” said Brown. “Our team can now focus on high-impact projects that benefit the entire Hutto district.”
At Pinellas County School District, in Pinellas County, Florida, the district has 138 schools ranging from pre-K to 12th grade, as well as an adult school for community and work force education. With 103,000 students, 8,500 teachers and more than 200,000 parents, the IT staff spent an inordinate amount of time correcting account problems and the help desk received a large volume of calls about password issues.
One of the biggest problems for the district was addressing the needs of its teachers, who often had problems when they were off for summer break and either forgot their password or were locked out because of password expiration over this time period.
The school implemented an UMRA solution to automatically populate the parent portal, student information system and any other systems as required, eliminating a tedious and potentially error-prone manual process.
“Parents are very connected these days, so they need to have access to the parent portal to get an answer on any questions that they have,” said John Just, assistant superintendent at Pinellas County School District.
Within the first year of roll out, Pinellas enrolled more than 200,000 parents in both UMRA and a separate self service reset password manager (SSRPM) concurrently. SSRPM is a self-service application that allows end users to reset their Active Directory passwords. The number of password-related calls to the helpdesk has been reduced significantly, said Just.
As another school year opens, IT leaders within school settings have at least one option for cutting costs and trimming the number of man hours spent handling redundant tasks. Perhaps, doing so allows for much needed time and resources to be sent in more important places, like the classroom.
For more information, please visit our website.
Friday, May 30, 2014
Friday, May 23, 2014
Contract Employees and Account Management
If your company hires contract employees, outside workers, or employees who work for a limited amount of time, you know all too well that managing these types of accounts can be a headache! With these types of accounts, there is constant movement and employees of this type need to be quickly added but then also promptly removed when they are no longer working for your company.
In addition, since contract employees are often only working for a short period of time, they need to have their accounts quickly created so that they can start performing their jobs. Unlike other employees, they cannot be waiting around for days for all their accounts to be created and access appropriate applications. Employees who are brought in during the hectic holiday season especially need to have access quickly so they can begin working. The issue though, is that in a large organization this could process could take up to a few days.
Due to the high turnover rate of these types of employees, IT also needs to ensure that their accounts are properly disabled once they leave the company. More times than not this task is over looked since someone has to go into each application and manually disable the user, which is time consuming. This is an extreme security risk since these ex- employees will still have access to the company’s data and network. There have been many cases where disgruntled employees either reap havoc on their ex employers network, or steal important customer data. Dealing with the headache of contract employees accounts, is an issue that organizations of all sizes face.
Many leading organizations have solved this issue using Active Directory management software. The following is how they have used this type of solution to solve the account management issue of contract employees:
Provisioning Accounts
An AD Management solution allows the organization to automate the account management process and not have to manually perform tasks such as creating and disabling accounts. By connecting with your company’s HR system, any change that is made in that system is automatically synchronized to all connected applications.
So, when someone enters a new personnel request the solution can automatically create new accounts in any connected system or applications, create a share drive, personal drive, profile, set up a phone, or many other tasks for new hires. The manager in charge then receives an audit trail of all actions and can continue to request additional services needed, such as hardware or mobile devices. This allows contract employees to receive access to all of the resources they need quickly so that they can begin work on their first day of employment.
Disabling Former Employees
To handle the issue of disabling former employees, an AD management solution can assist with automatically disabling accounts. Once an employee is disabled in the source system, the software automatically disables their AD and all connected accounts to ensure the employee no longer has access. It also has the ability to transfer that employee’s personal drive to their manager. This ensures that any projects that were in the works are not lost.
In addition, a set expiration can be placed on an account. This allows the organization to ensure that an account is automatically disabled on a certain day, so that no action has to be taken at all.
Many organizations around the world deal with managing accounts for contract employees. Often they do not realize that there is a simple solution which many of their counterpart’s use, which can reduce the headache, allow employees to be more productive, and increase overall security. “An AD account management solution has not only helped improve the security of access by terminating faster, it has also greatly improved our data security,” said Dan Backer, Director, Campus Technology, at National Geographic.
For more information, please visit our website.
In addition, since contract employees are often only working for a short period of time, they need to have their accounts quickly created so that they can start performing their jobs. Unlike other employees, they cannot be waiting around for days for all their accounts to be created and access appropriate applications. Employees who are brought in during the hectic holiday season especially need to have access quickly so they can begin working. The issue though, is that in a large organization this could process could take up to a few days.
Due to the high turnover rate of these types of employees, IT also needs to ensure that their accounts are properly disabled once they leave the company. More times than not this task is over looked since someone has to go into each application and manually disable the user, which is time consuming. This is an extreme security risk since these ex- employees will still have access to the company’s data and network. There have been many cases where disgruntled employees either reap havoc on their ex employers network, or steal important customer data. Dealing with the headache of contract employees accounts, is an issue that organizations of all sizes face.
Many leading organizations have solved this issue using Active Directory management software. The following is how they have used this type of solution to solve the account management issue of contract employees:
Provisioning Accounts
An AD Management solution allows the organization to automate the account management process and not have to manually perform tasks such as creating and disabling accounts. By connecting with your company’s HR system, any change that is made in that system is automatically synchronized to all connected applications.
So, when someone enters a new personnel request the solution can automatically create new accounts in any connected system or applications, create a share drive, personal drive, profile, set up a phone, or many other tasks for new hires. The manager in charge then receives an audit trail of all actions and can continue to request additional services needed, such as hardware or mobile devices. This allows contract employees to receive access to all of the resources they need quickly so that they can begin work on their first day of employment.
Disabling Former Employees
To handle the issue of disabling former employees, an AD management solution can assist with automatically disabling accounts. Once an employee is disabled in the source system, the software automatically disables their AD and all connected accounts to ensure the employee no longer has access. It also has the ability to transfer that employee’s personal drive to their manager. This ensures that any projects that were in the works are not lost.
In addition, a set expiration can be placed on an account. This allows the organization to ensure that an account is automatically disabled on a certain day, so that no action has to be taken at all.
Many organizations around the world deal with managing accounts for contract employees. Often they do not realize that there is a simple solution which many of their counterpart’s use, which can reduce the headache, allow employees to be more productive, and increase overall security. “An AD account management solution has not only helped improve the security of access by terminating faster, it has also greatly improved our data security,” said Dan Backer, Director, Campus Technology, at National Geographic.
For more information, please visit our website.
Friday, May 16, 2014
The value of Healthcare IT can be seen in "soft" savings
It's understandable that some practitioners may feel a sense of trepidation when it comes to shifting their health records online, and while chiropractic documentation software can help ease the transition, it may not be enough to fully ease that anxiety. But what exactly is it that some are so worried about? Not being tech-savvy enough? Or just concern that the value expected for making this chiropractic EHR investment may not necessarily be worth the effort? In the case of the latter, it's important to begin looking at beyond traditional measures of ROI, and look outside of the box to more "soft" savings.
According to Healthcare IT News, these "soft dollar savings" are a little more abstract than what one may typically think of as money saved, but have real value of their own. Unlike "hard" savings, which account for precise dollar amounts that have been saved or spent, soft costs refer more to the time being spent by the user.
Dean Wiech, managing director for the identity management software Tools4ever, tells the source that providing users with streamlined and secure experiences can significantly cut back on the amount of time spent handling their chiropractic EHR software – and as Wiech so succinctly puts it, "Time is money."
"A lot of times quantifying savings is more about looking at cost avoidance," said Wiech. "Most of our customers can cost justify their expenses based on the time they spend opening, deleting and managing accounts."
In other words, the easier of a time you have with handling your online chiropractic EMR software, the less time, money and effort you'll have to allocate for that purpose in the first place.
For more information, please visit our website: www.tools4ever.com
According to Healthcare IT News, these "soft dollar savings" are a little more abstract than what one may typically think of as money saved, but have real value of their own. Unlike "hard" savings, which account for precise dollar amounts that have been saved or spent, soft costs refer more to the time being spent by the user.
Dean Wiech, managing director for the identity management software Tools4ever, tells the source that providing users with streamlined and secure experiences can significantly cut back on the amount of time spent handling their chiropractic EHR software – and as Wiech so succinctly puts it, "Time is money."
"A lot of times quantifying savings is more about looking at cost avoidance," said Wiech. "Most of our customers can cost justify their expenses based on the time they spend opening, deleting and managing accounts."
In other words, the easier of a time you have with handling your online chiropractic EMR software, the less time, money and effort you'll have to allocate for that purpose in the first place.
For more information, please visit our website: www.tools4ever.com
Friday, May 9, 2014
Misconception Perception: Single Sign-On Myths Debunked
Single sign-on (SSO) allows end users to log in to accounts once with their credentials and thereafter enjoy immediate access to all of their applications and systems without being asked to log in again. This is extremely beneficial in reducing help desk calls since users only have to remember one password instead of many.
Though SSO can be beneficial to any company, many IT managers and security officers are skeptical about the implementation of an SSO solution. Their skepticism is the result of a number of preconceptions, which in many cases are misconceptions, about these identity and access management tools.
The following are the many incorrect common beliefs about SSO.
Implementing SSO Imposes Greater Pressure on Security
IT managers and security officers often believe that with one-time logging in to accounts security of information is immediately placed at risk. They assume that if an unauthorized person gets hold of that single log-in credential, that person will have access to all the account’s associated applications.
When using SSO, all the various access entries to applications are replaced by one access point. For example, the software allows users to use just one password for multiple accounts. Once the password is entered, all accounts are accessed. Though this does appear to constitute a risk, the log-in process is actually streamlined for the user. Having to remember just one password essentially does away with the risk that the user will scribble passwords on a piece of paper and place them under their keyboard (as is often the case) like they might if they have to remember 12 password and username combinations (the average number per user) that most users have without SSO.
This was often the case at Community Bank and Trust of Florida. Since the bank uses hundreds of different systems and applications that require complex passwords, users understandably had a difficult time remembering all of their user credentials. By implementing SSO at the bank, end users no longer have to use unsecure methods, such as writing down their passwords to remember them.
It is also possible to add extra security to the primary SSO log-in with a user card and pin code or an extra-strong password. Logging in with a card and pin code is an extremely secure authentication, and users also consider it to be very user-friendly.
An SSO Implementation is a Long, Drawn Out Project
This is often wrongly assumed because SSO implementation is part of a broader security policy. Other components might include introducing more complicated passwords, taking more care with authorizations and complying with standards imposed by the government.
Because SSO affects almost all end users and runs throughout the organization, some see implementation as taking a great deal of time to notify and prepare end users for the change. SSO brings with it a number of questions, such as:
“How do I deal with people who have multiple log-ins on one application?”
“What do I do if an application offered through SSO gets a new version?”
“What happens if the application itself asks for a password to be reset?”
All of these questions often cause SSO implementation to be shifted to the background. However, any potential complexity faced at implementation is no reason to postpone adding a SSO solution because it has long-lasting benefits once up and running. By starting small, say by making the top five applications available through SSO, a considerable time saving on the number of log-in actions can be achieved, justifying buying the solution.
For example, at Community Bank and Trust of Florida, an SSO solution was easily and quickly implemented to solve its password issues. It was even possible for the bank’s IT leaders to roll into production exactly what they did during their trial phase, which made their implementation process extremely convenient.
It’s Not Possible to Make Cloud Applications Accessible via SSO
Just as with all other applications, it is certainly possible to log in to cloud applications with SSO.
An SSO Implementation is Expensive
The nice thing about an SSO solution is that it’s often not necessary to set it up for all the people in an organization. SSO may be needed only for a select group of people who need to access many different applications, such as tellers. The advice here is to restrict implementations to the most critical applications and the employees who have to log in to a variety of different applications. This will control the implementation in terms of price and complexity, and offers an excellent springboard for any further growth and expansion in accordance with changing future needs.
An SSO Solution is Not Needed Because We Use Extremely Complex Passwords
Insisting on extremely complex passwords is one way to secure the network, but at the same time, it’s also one of the causes of insecure situations. This is because many end users have difficulty remembering their mandated passwords, certainly when they have to recall more than a dozen username and password combinations. Often, requiring the use of complex passwords leads to frequent help desk calls because employees tend to forget them more readily. A highly insecure and undesirable situation arises when end users write their passwords on notes and leave them lying around their computer.
Using SSO means employees only have to remember one password for all of their applications, meaning a simple solution to a complex problem, easier access to multiple accounts for all who need access to them, and fewer calls the help desk, ensuring IT staff are able to focus on more important priorities than password resets. For example, All Star Automotive in Louisiana was able to see a major reduction in time dealing with password issues by implementing an SSO solution. The IT manager at the automotive group said, “Users can now concentrate on their jobs rather than managing their own passwords.”
For more information, please visit our website.
Though SSO can be beneficial to any company, many IT managers and security officers are skeptical about the implementation of an SSO solution. Their skepticism is the result of a number of preconceptions, which in many cases are misconceptions, about these identity and access management tools.
The following are the many incorrect common beliefs about SSO.
Implementing SSO Imposes Greater Pressure on Security
IT managers and security officers often believe that with one-time logging in to accounts security of information is immediately placed at risk. They assume that if an unauthorized person gets hold of that single log-in credential, that person will have access to all the account’s associated applications.
When using SSO, all the various access entries to applications are replaced by one access point. For example, the software allows users to use just one password for multiple accounts. Once the password is entered, all accounts are accessed. Though this does appear to constitute a risk, the log-in process is actually streamlined for the user. Having to remember just one password essentially does away with the risk that the user will scribble passwords on a piece of paper and place them under their keyboard (as is often the case) like they might if they have to remember 12 password and username combinations (the average number per user) that most users have without SSO.
This was often the case at Community Bank and Trust of Florida. Since the bank uses hundreds of different systems and applications that require complex passwords, users understandably had a difficult time remembering all of their user credentials. By implementing SSO at the bank, end users no longer have to use unsecure methods, such as writing down their passwords to remember them.
It is also possible to add extra security to the primary SSO log-in with a user card and pin code or an extra-strong password. Logging in with a card and pin code is an extremely secure authentication, and users also consider it to be very user-friendly.
An SSO Implementation is a Long, Drawn Out Project
This is often wrongly assumed because SSO implementation is part of a broader security policy. Other components might include introducing more complicated passwords, taking more care with authorizations and complying with standards imposed by the government.
Because SSO affects almost all end users and runs throughout the organization, some see implementation as taking a great deal of time to notify and prepare end users for the change. SSO brings with it a number of questions, such as:
“How do I deal with people who have multiple log-ins on one application?”
“What do I do if an application offered through SSO gets a new version?”
“What happens if the application itself asks for a password to be reset?”
All of these questions often cause SSO implementation to be shifted to the background. However, any potential complexity faced at implementation is no reason to postpone adding a SSO solution because it has long-lasting benefits once up and running. By starting small, say by making the top five applications available through SSO, a considerable time saving on the number of log-in actions can be achieved, justifying buying the solution.
For example, at Community Bank and Trust of Florida, an SSO solution was easily and quickly implemented to solve its password issues. It was even possible for the bank’s IT leaders to roll into production exactly what they did during their trial phase, which made their implementation process extremely convenient.
It’s Not Possible to Make Cloud Applications Accessible via SSO
Just as with all other applications, it is certainly possible to log in to cloud applications with SSO.
An SSO Implementation is Expensive
The nice thing about an SSO solution is that it’s often not necessary to set it up for all the people in an organization. SSO may be needed only for a select group of people who need to access many different applications, such as tellers. The advice here is to restrict implementations to the most critical applications and the employees who have to log in to a variety of different applications. This will control the implementation in terms of price and complexity, and offers an excellent springboard for any further growth and expansion in accordance with changing future needs.
An SSO Solution is Not Needed Because We Use Extremely Complex Passwords
Insisting on extremely complex passwords is one way to secure the network, but at the same time, it’s also one of the causes of insecure situations. This is because many end users have difficulty remembering their mandated passwords, certainly when they have to recall more than a dozen username and password combinations. Often, requiring the use of complex passwords leads to frequent help desk calls because employees tend to forget them more readily. A highly insecure and undesirable situation arises when end users write their passwords on notes and leave them lying around their computer.
Using SSO means employees only have to remember one password for all of their applications, meaning a simple solution to a complex problem, easier access to multiple accounts for all who need access to them, and fewer calls the help desk, ensuring IT staff are able to focus on more important priorities than password resets. For example, All Star Automotive in Louisiana was able to see a major reduction in time dealing with password issues by implementing an SSO solution. The IT manager at the automotive group said, “Users can now concentrate on their jobs rather than managing their own passwords.”
For more information, please visit our website.
Subscribe to:
Posts (Atom)