Case Study: Using Identity Management & a Web Portal as a

Gateway to the Cloud Steve Young, CTO

Judson ISD, San Antonio, TX syoung@judsonisd.org

∗ 4th largest public school district in Bexar County, Texas (San Antonio area)

∗ 22,500 students and 3,000 employees ∗ 31 IT staff members ∗ Over 7500 desktops, laptops, tablets ∗ Additional 3,200 virtual desktops ∗ 189 virtual servers ∗ More info at

http://www.judsonisd.org/district/technology/

About Judson ISD

∗ We cannot do it all ∗ Staff size decreasing ∗ Budgets are shrinking ∗ Student population & number of schools increasing ∗ Huge value proposition with many online services ∗ Constituents want 24/7 services and cloud services

are 24/7 ∗ Classroom learning can be extended outside of

normal school day

Why A Cloud Approach?

∗ Generally very high up time ∗ Offer cutting edge services ∗ Low Cost or predictable recurring costs ∗ Quick Deployment ∗ Lower technical barriers to entry ∗ Often can implement without additional staff ∗ If……..

Cloud (SaaS) Advantages

∗ Judson ISD had automated creation, update, & retiring of student & staff accounts, file shares, email accounts and groups with UMRA (User Management Resource Administrator)

∗ This allows MANY systems user information to be automated, not just Active Directory

∗ Timeliness of data is increased, as is security ∗ Users do not have to wait for accounts to be created, as they

are created when the source HR or SIS data is created

We Can Automate Account Management

∗ We offer web/Cloud applications via our MyJISD Stoneware portal to: ∗ All users (staff and students) ∗ To any device ∗ To any location (in or out of network) ∗ At any time ∗ On guest network or in Starbucks

∗ To do this we must know who users are and pass their credentials to disparate web applications

Leveraging Identity in a Web Portal

Two Cloud (Saas) Examples

∗ We did not want to host student email accounts – too much time, $$, etc.

∗ We also wanted to automate account management ∗ We used Tools4Ever and their UMRA product to

automate Live@Edu account management from AD ∗ We authenticate students via AD into our portal and

auto log them into Live@Edu ∗ This could also be done via UMRA for Google Apps

Live@edu

∗ We wanted to provide a simple to use LMS for staff and students to use at will without any technology intervention –chose Schoology.

∗ My team worked with them to be an early adopter of their API/SSO to synchronize account data and manager users.

∗ We wrote a custom web app to synchronize and manage Schoology users

∗ We authenticate students via AD into our portal and auto log them into Schoology

Schoology

∗ Cloud (SaaS) deployments can be extremely efficient and cost effective

∗ But managing users can require a lot of staff time ∗ Automated identity management from source systems is critical ∗ Identities must be further synced with SaaS systems to keep

costs and staff time to a minimum ∗ A portal that can pass credentials from AD and from an SSO

lockbox allows users an easy one stop shop for all their applications from anywhere on any device

In Summary