Identity Management

Identity management is a critical issue in schools for reasons of safety, security and efficiency. An Identity Management System (IMS) manages the relationship between disparate technology systems and users. It is the method by which the systems recognise the user so they can apply the appropriate permissions, credits and controls.

The IMS man be linked to the school's existing Active Directory or MIS in order to populate it. This means there will be consistency of permissions and group affiliations across the entire school site. It also means all systems can be controlled centrally and new members of staff and pupils can be automatically provisioned across all systems with one process rather than many.

ICT Foundry can put in place a standards-based IDS that can integrate systems such as:

  • Print management
  • Access control
  • Cashless catering
  • Electronic registration
  • Library management
  • Vending machines
  • Computer logon
  • Locker access
  • Door access

Even though these applications and services may be from different suppliers, users will only need to be registered once in the IMS. The IMS we recommend works with a range of identification methods, including:

  • Identity cards (including MiFare smart cards)
  • Biometrics (such as a fingerprint)
  • PIN numbers
  • Usernames and passwords

Identity tokens

The most common identity mediator is the MiFare smart card. This is an industry standard identity management card that is easy to make in schools. It is true that the card, as a physical item, may be forgotten, lost or defaced from time to time.  Our experience is that if enough school systems are dependent on the card, learners are more likely to value the card. Schools generally choose to charge a small sum for replacing cards and this is sufficient incentive to look after them. The other issue that can occur with cards is the use of other people's cards either with or without permission.  Particularly in the latter case, a protocol must be established to impress upon all users that improper use of cards is a serious matter with consequences. Cards may easily be printed in school using a specialist device. The card production process is linked to the IMS database so that the required information from the database (name, title, student number, photograph and so on) may be printed onto cards without having to import and export information from different systems.

The biometric approach, most often using fingerprints, is increasingly common as the technology improves. The main issue of concern to stakeholders is the retention of fingerprints. In fact, the system ICT Foundry favours converts the fingerprint into a number and stores that number, not the fingerprint. This ensures that the fingerprint can never be recreated from the data held by the system.

If you'd like a free consultancy meeting to find out whether your school could benefit from an identity management solution, email us at info@ictfoundry.co.uk and we'll give you a call back at a time to suit you.