The Challenge: Cost Effective Password Security
Today's college campuses face enormous challenges with security issues, including integrating front-line software such as the learning management system and student information system, while ensuring the students and faculty have secure but easy-to-use access to those systems and many more.
Basic issues with default password assignment and resets, along with single sign-on access, make up some of the most common security hurdles institutions wrestle with. As anyone who has staffed a service center knows, lost and forgotten passwords and account lockouts are unavoidable. Especially at the start of each semester, help desks typically deal with a deluge of calls related to logging into systems. This puts undue strain on IT, which either diverts staff from bigger issues, or must “staff up” temporarily to meet demand.
Making the problem worse, multiple password prompts for different systems -- email, portals, apps, the LMS and the SIS – can mean multiple reset requests from a single student or faculty member.
Excess passwords also compound the risk of security breaches, since each password offers a new avenue to hackers, who pick the weak link across multiple systems. Students with many passwords often resort to using the same one over and over. Staff at a service center are exposed to passwords as they help users remember or reset them, creating more security and compliance issues.
In addition, it's challenging to assign and deliver initial passwords to new students in a timely manner – and extremely difficult to ensure participation. One of the primary reasons password reset systems can fail is a simple lack of student participation. To work, the access system needs to be clear, simple and universally enforced. Ideally, different user types will have different requirements – for example, full-time, part-time, or online-only students, along with faculty, adjuncts, and staff.
Additional password security steps such as two-factor authentication – requiring a user to prove identity in two separate ways rather than just one – can increase security greatly, but is rare in higher education because such solutions tend to be unaffordable.
With typical enterprise off-the-shelf single sign- on solutions, pricing is an issue as well. A single sign-on (SSO) security system can simplify many password issues, but unfortunately, many SSO solutions are complex and costly. Although most colleges, especially community colleges and smaller universities, face tight budget constraints, enterprise single sign-on solutions generally start at nearly six figures – well outside many education budgets.
Faced with these security challenges, higher education needs an affordable, highly secure solution that zeroes in on the issues that affect campuses most: simple and secure password set and reset tools, and secure single sign-on.