identity and access management (idam) for the ultranet release 1 information for principals
TRANSCRIPT
Identity and access management (IDAM) for the Ultranet
Release 1 information for principals
Purpose of this presentation
This presentation is designed to:– Provide an overview of IDAM– Provide timelines for IDAM Release 1– Describe Release 1 roles (principal, IDAM admin, others)
– List preparatory tasks for principals– Provide tips (to inform decision making)
– Detail how to access more information and training
This is a high-level view only.
Further detail will be presented to IDAM administrators in information sessions provided by Ultranet coaches.
What is IDAM?
• It is the Department’s system that:– Manages usernames and passwords – Enables access to and security for the Ultranet
Think of it as the ‘key’ that gives users access to the Ultranet.
Where does IDAM fit in?
Manages identitiesand passwords
Manages accessto the Ultranet
Maps Ultranet relationships(e.g. links a student with their school in Phase 1
and with their family/ies in Phase 2)
Provide identity data about users
Data sources
CASES21, VSR, Entity Register,
Edumail
IDAM The Ultranet
Timelines
• IDAM will enable the following users to access the Ultranet in Release 1:– Staff with EduMail accounts– StudentsSchools will be provided with access to IDAM in line with their deployment schedule.
• In Release 2, IDAM will enable the following additional users to access the Ultranet:– Staff without EduMail accounts– School visitors (e.g. school council members)– Parents and guardians.
Schools will be provided with access to additional IDAM functionality to support Release 2 deployment in mid-late August.
IDAM roles – Release 1
IDAM self-service· Change
password· Reset password· Maintain secret
questions and answers
· Setup & maintain IDAM system
· Delegate admin. role to principal
· Coordinate student welcome letters
· Reset passwords· Manage accounts· Delegate admin
rights· Change student
usernames
DEECD central Staff withEduMail account
IDAM Admin’r
· Has full admin rights
· Delegate admin. rights to staff
Principal
Initial registration
· Change password
· Set up secret questions
Student
Initial registration
· Register EduMail account details in IDAM
EduMail self-service
· Change or re-set password
· Set up and maintain secret Questions
Administrative roles Registration & self-service
IDAM roles – principal
• Receives notification from DEECD that IDAM is available
• Receives full ‘administrator’ rights• Uses the hyperlink provided to register on IDAM
(see the next slide)• Delegates administration rights to nominated staff.*
Administration rights can be changed at any time and can be delegated further (downwards) to suit.*See: ‘Tips - Delegating admin rights’.
How users register and use IDAM
Phase 1 users
Username and password
How do they register? The password is maintained or changed in…
All staff with EduMail
Is the same as EduMail Goes to IDAM to activate registration
EduMail self-service
Students 1. Is created in IDAM from CASES21 data (temporary password)
2. IDAM administrator prints and schools give students IDAM welcome letters
1. Registers in IDAM with temporary password
2. Changes the password to a 7-digit alpha-numeric
3. Sets up secret questions
IDAM self-service
IDAM administrator may be required to support some students
IDAM roles – administrator
• Coordinates student welcome letters* (generation, printing, distribution)
• Plus, as required:– Resets student passwords– Unlocks student accounts– Enables/disables student accounts– Delegates admin. tasks (downwards)
– Generates alternative student usernamesDetails and scenarios will be presented to IDAM administrators soon.
*See ‘Tips - Student welcome letters’
Preparatory tasks for principals
1. Decide how your school will delegate IDAM tasks*
2. Nominate staff for administrator training*3. Discuss administrator roles with chosen staff4. Decide how your school will:
–distribute student welcome letters**–make sure students and teachers register for the
Ultranet–support students to protect and manage their
usernames and passwords.*See: ‘Tips – Delegating admin rights’ **See: ‘Tips – Student welcome letters’.
Tips – Delegating admin rights
• Choose IDAM administrators early:– Schools deploying Ultranet in:
• Term 2 - choose IDAM administrators early in Term 2 • Term 3 - choose IDAM administrators by middle of Term 2.
– IDAM administrators need to:• attend network briefings provided by Ultranet coaches• work through online training modules• register in IDAM then coordinate student welcome letters, so
students can get onto the Ultranet quickly
• Weigh up the benefits of:– delegating to many to share the load but reduces overall security
vs – delegating to few for tighter security but is more work for each.
Coaches will contact schools early Term 2 about IDAM administrator training.
Tips – Student welcome letters
• Prior to Ultranet deployment, you need to decide how your school will manage student welcome letters:– Who will distribute them (home group
teachers, office staff, year-level coordinators?)
– What security arrangements will be made to keep these letters from getting into the wrong hands?
Support for IDAM administrators
• Information sessions – Run by Ultranet coaches in each network
• early Term 2 for schools accessing Ultranet in Term 2• late Term 2 for schools accessing Ultranet in Term 3
– These sessions will cover:• An overview of IDAM• IDAM concepts (households, digital identity and entitlements) • Privacy and access issues.
• Training materials– User guides and quick sheets– IDAM online training modules
• Brief, self-paced lessons and simulations covering common administration and self-service tasks.
• Other information– IDAM FAQs– IDAM fact sheets
Further information
• Available early term 2:– Overview for IDAM administrators (PowerPoint)– IDAM quick sheet for principals
• How to register and set up secret questions• How to grant admin rights
– A presentation for staff about privacy/security, safe and responsible use, intellectual property (IP) and copyright as they relate to the Ultranet.
– Information for parents about privacy and access.
All information will be available from the Ultranet Schools Sharing Centre at:https://edugate.eduweb.vic.gov.au/sc/sites/uip/usr/default.aspx
ULTRANET © 2010Department of Education and Early Childhood DevelopmentGPO Box 4367 Melbourne, Victoria 3001