Harris Federation turned to Identity Experts to help them build a new solution to manage staff identity management.
Managing identities across an organisation is difficult enough for one entity, but imagine the complexity if users have roles across different organisations, all of which need to be managed centrally. Although this may sound unlikely, in today’s continually evolving world it is becoming more common.
The Harris Federation is a not-for-profit charity with over 25 years’ experience of education in and around London. With more than 40 establishments operated, they have built their reputation on a family of Academies that, across the board, are setting standards of excellence and fulfilling high expectations.
Coping with multiple staff roles
The IT department for the Harris Federation has to manage the accounts for more than 30,000 users across all their academies, as Andy Meighen, IT director explained.
“More than 80% of our users are students and managing the identities for these is pretty straightforward. We have built our own system that automatically provisions and de-provisions accounts from our MIS system, and has worked fine for a number of years.
“The complexity occurs when we want to automate identity management for our staff. Firstly, we did not have a single source of data for all our staff. This is because we employ both salaried staff and those on short term contracts. In addition, our salaried staff can work at different academies in different roles. This means there are duplicate accounts created in our MIS system, making it unsuitable as the definitive data store for identity management.”
Build a new database for staff identity management
As a result of this, Harris Federation decided that the best way to solve the problem would be to build an entirely new person database. “This would enable us tailor the information to reflect the different roles an individual may have at different academies,” said Andy. “We would then have the definitive source of information to drive the joiner, mover and leaver processes with our Active Directory setup.”
After deciding to utilise Microsoft Identity Manager to synchronise the data, the Harris Federation realised it would need a partner to help them complete the project.
“So, we spoke to Microsoft directly,” said Andy. “They recommended a few partners, but after speaking to them all, we decided to go with Identity Experts as they specialised in identity Management and were experienced in implementing such solutions in the education sector.
Consequently, in the summer of 2016, Identity Experts consultants met with the IT team at the Harris Federation to start the project. “Initially, they sat down with us to understand our challenges and the sources of data we had available,” explained Andy. “From this initial discovery work, they were then able to scope the project for our agreement and sign off.
“They then set about building the solution and setting up the various connectors to the new database from our original data sources. Finally, once the system had been implemented they carried out skills transfer with our staff, so we would have a better understanding of the system and be able to provide more support internally.”
Taking care of joiners, movers and leavers
Understanding the environment
“Working with Identity Experts has been easy,” concluded Andy. “We could tell from the first meeting that they understood the environment in which we were working and were able to utilise that experience in helping us design a better system that works for us. “Whenever we have a problem we cannot resolve internally, we know escalating it to them will get us a rapid response. As we continue to expand the system I feel confident that they have the expertise and experience to support our identity management efforts.”