This content is part of the Essential Guide: Using old apps? New approaches for application modernization

Essential Guide

Browse Sections

Learning is easier in N.C. with cloud-based identity management system

North Carolina is moving to a cloud-based identity management system to make it easier to gain access to learning materials.

Educators often preach the importance of aiming high, and that is exactly what is happening in North Carolina. In fact, the state's education system is reaching to the cloud to provide students, teachers, staff and parents access to learning resources.

Plan and challenges diagram for North Carolina Education Cloud services program
NCEdCloud Overview

A survey of charter schools in North Carolina revealed that identity management was a universal struggle, said Samuel Carter, customer, operations and systems specialist with the Friday Institute at North Carolina State University. To fix that problem, Carter helped create and implement the NC Education Cloud initiative. He is scheduled to describe the project in a session at AWS re:Invent 2013 in Las Vegas.

The NC Education Cloud program is designed to provide members of the K-12 education community access to teaching materials through a reliable cloud-based identity management system that requires only one username and password combination.

"Most students have four to six accounts to manage, and the teachers and administrators have many more than that," Carter said. "As more and more educational resources move online, that number is going to continue to increase."

Clearly, it would be valuable if there was a way to reduce the number of username and password logins each student has. Based on that information, Carter said, the IAM Plan was initiated to appropriately articulate, evaluate, and solve the problem.

Choosing the right cloud-based system

We didn't go off in a vacuum and build this; the end users, the customers, have been involved all along.

Sam Carter

Selecting the appropriate identity management system wasn't a task to be taken lightly, given that it would affect the entire state. In addition to contemplating building its own cloud-based infrastructure, Carter said, approximately 40 vendors were taken into consideration.

Ultimately, it was determined it would be more cost-effective and a better user experience would be provided if an identity management system was purchased as a service. "At the time we were considering this, we looked at the landscape of what was available and it just made more sense to do it as a service," Carter said. "That way, we don't have to worry about the infrastructure and maintaining it. We just subscribe to the service and let someone else have that responsibility, so that our primary focus is on the users."

Some of the identity management system contenders included: Microsoft, IBM, Oracle, Symplified, Identity Automation, Verizon and Mycroft. To dwindle down the lengthy list, an evaluation was carefully performed. Some vendors were written off after information posted on their websites was reviewed; others that appeared to be a better fit were interviewed. A team of six individuals, including Carter, rated each vendor based on a variety of criteria including:

NCEd Cloud IAM service model diagram
IAM Service Model
  • Proposed technical plan
  • Plan approach and timeline
  • Relevant experience
  • Financial stability
  • Personnel experience

While some vendors offered nice software, Carter said their lack of experience supporting education clients was an issue. There is some overlap with healthcare and insurance services requirements, for example, but there are unique needs in the education field.

"One of the primary differences is the age groups. In many corporations you are dealing with adults. In education, you are working with students as young as 3 years old, and the way you present and manage identities and log in with them is very different than for IT professionals," Carter said. "The interfaces you put in front of students have to look and feel very different than what you'd put in front of someone else."

Identity Automation won the bid to build the cloud-based identity management platform. Carter said the vendor is providing two key elements that can't easily be found elsewhere. The first is identity management as a service, and the second is the ability to manage such a large number of identities. "Those two things are unique," he said. "The actual technology under the service, the mechanics, [is] very traditional."

Identity management system advice

Improving mobile security with identity management

Best of identity and access management

Guide to identity management

While the cloud-based identity management system hasn't deployed, Carter is confident the implementation will be smooth. Three months were spent on the testing phase, and thus far, everything has been going according to plan, he said. He credits the seamless transition to careful planning and organization, which included meeting with school representatives to ensure the system will meet their needs.

"We didn't go off in a vacuum and build this; the end users, the customers, have been involved all along," Carter said.

About the author:
Maxine Giza is associate site editor for She can be reached at [email protected].

Follow us on Twitter @SearchSOA and like us on Facebook

Dig Deeper on Container orchestration