In recent years migrating to the cloud has become a common action for many educational establishments. When looking to migrate partial or entire on-premise services, it is important to ensure the transition is smooth, however this is not always the case. This often results in an increased load on the help desk and IT department. As part of the transition there are a number issues that need to be taken into consideration, in this post I highlight some of those more overlooked ones.
Normally, cloud applications aren’t active directory integrated so you no longer have the option of an on-premise, single authentication source. The very nature that it is no longer local (i.e. within your network), means it is essential that multiple forms of authentication are considered to maintain tight security. Does your service offer this? Some do, some require additional setup or purchasing, others simple don’t.
Personal data duplication
Inevitably multiple services that are authenticating and managing users can result in personal data being duplicated. Users are now having to manage information on themselves in multiple places; on premise services as well as in the cloud. Data consistency also plays a factor here, updating one source and not another results in incorrect profiling and HR’s task can become a complicated and time consuming challenge. Does your service provide some synchronization function? Some services can provide either a data replication feature or allow you to keep a single personal data source, again there are those that don’t support this at all.
Avoiding password problems
Multiple systems equals multiple passwords and with multiple passwords comes password problems, which will inevitably result in an increased load on the helpdesk. At all cost you will want to avoid users writing account details on sticky notes but it’s not easy to manage multiple accounts, most people have multiple accounts both personal and business. Does your cloud service allow you to synchronize passwords with other systems?
Differing password policies
Most educational establishments have their own internal standards for passwords and in an ideal world, complex passwords are preferred. However, not every system can or does adhere to this. Password policies can differ wildly from one cloud application to another and this can result in passwords being written down. Password issues result in the highest number of helpdesk tickets every year and if you have managed to get a handle on this moving to the cloud without consideration of this can have a detrimental effect on IT admins/helpdesk teams.
Conflicting password expirations
This goes hand in hand with password policies but worthy of a note in itself. Most systems require passwords are changed frequently for security purposes but even this can have a knock on effect on your migration plans. If users are having to change passwords on different systems at different times it becomes a nightmare for users. Users like things to be easy and straightforward, the very ethos of any migration plan should be to make students, faculty, and end-users life much easier and simple. If users are having to churn out more cycles to managing their accounts not only are you going to get disgruntled users but a security disaster waiting to happen. Each system has its own expiration cycles that occurs can your new cloud service synchronize passwords?
To bring it all together, for all the good things moving to the cloud brings there are many security implications that schools need to think about. Any new system needs to be transparent and effortless for users especially students.