Overview: Aegis Identity Software, Inc. (AIS) was started in Oct 2011 by veteran Identity Management and EdTech professionals who had been active in deploying Sun Microsystems IdM Solutions into Higher Education for many years prior. At that time, Oracle’s acquisition of Sun Microsystems gave rise to the thought that the EdTech market may look for an alternative to a Sun to Oracle migration, and at that point AIS began as an IdM solution provider with 100% focus on EdTech.
Unique differentiation: AIS is very aware that there are great IdM solutions in the market today. However most of them have been architected for the commercial space, and many of them have grown old or have become over-complicated with time and based on servicing multiple vertical markets. EdTech is unique in one very critical way; Schools collaborate and Corporations compete. Why does this matter? It matters in a variety of ways:
Architecting for easy Identity Federation: Many universities participate in consortium led networks that build an “Identity Provider” to “Service Provider” connection using a SAML based “Shibboleth” open source connection. The IdM solution provider must be able to easily work within this framework, which is the case with AIS.
The requirement for multi-role IdM, and group management: Corporations allow identity access based on the a “lowest common denominator” role configuration, and usually an individual is in one role only for compliance and security reasons. However in EdTech one individual could have simultaneous roles of student, employee (works in the bookstore), and faculty (grades papers as a TA), and AIS has architected it’s solution for this unique use case.
Expedient onboarding: A large institution could have 5,000+ new freshmen showing up in 1 week. A corporation would never hire that many people in such a short amount of time. So the AIS solution is architected in a way that makes onboarding very effective for the university, and very convenient for the student.
Unique EOL business process requirements: This is another area where corporations vary significantly from EdTech. In a corporation, if you’re out, you’re out – and usually very quickly for security reasons. EdTech does not work that way; usually relationships are gradually phased out or simply moved to alumni systems. It takes an IdM system that is built accordingly to meet this unique EdTech need.
Unique relationships: As discussed above a good IdM solution for EdTech takes a special architecture. But there are other unique considerations as well. These include technology components and industry relationships.
On the technology side, an IdM middleware infrastructure is a “broker” between “authoritative sources” (application software such as ERP, Financial, HR, LMS, etc) and “target systems” (LDAPs, A/Ds, cloud solutions such as Google Apps, Exchange servers, etc). Connections are then built between these various sources and targets. It should be clear at this point that the list of connectors built for EdTech are going to be quite different than the list of connectors built for the commercial space. A good EdTech IdM vendor will have the right connectors “in the box” which will increase speed of deployments and lower costs.
EdTech is also very strongly aligned with industry consortia and key vendors. AIS is a long time member of EDUCAUSE, Internet2’s “InCommon” Federation network, and we’re Ellucian’s only Alliance Partner listed in the Identity Management area to name a few. In both 2014 & 2015 Gartner refers to us along with industry titans IBM, Oracle, and Microsoft as a “selected vendor” for EdTech deployments.
Occasional Market Confusion: AIS is first and foremost an enterprise class middleware software provider. In this area our highest priority solution is that of provisioning and de-provisioning identities amongst and between authoritative events and target systems. As a secondary role we normally also get involved with Federating Identities.
We like to clarify that we are adjacent to many Access Management solutions such as reduced sign on (RSO), single sign on (SSO), biometric access solutions, multi-factor authentication, and so on.
We participate closely with such access technologies, as is evidenced by our partnership with Duo Security, but we are primarily an IdM provider for provisioning solutions, and federating identities is quite different than SSO for example.
Open and Friendly to University and K12 relationships: We are very aware that there are many financial and administrative differences in the way schools acquire, finance, and maintain EdTech solutions. This takes many shapes and forms including:
Whether there is preference for cloud versus on-campus solutions
Varying views on the utility of on-campus developed solutions
Varying views of the utility of open-source based solutions
The ability to deploy, configure, and support software on-campus with existing staff versus vendor professional services
Security versus client “ease of use” tradeoffs
On-campus developed IP, licensing, and monetization
As a 100% EdTech focused vendor we try hard to maintain the same open posture as Educational Institutions. Our client base gets access to many parts of our source code and we also see code shared amongst institutions. Although only briefly without having user credentials one can see evidence of this on the website http://www.tridentcoe.org/, our community site for our Trident user community.
We try hard to keep prices low and pricing structures simple. We also build solutions for expedient deployments. IdM roll outs are rarely quick, and there are many instances of failed attempts in the marketplace, but this is our goal.
We are also aware of industry events where IdM solutions are being considered that will be built with 100% open source via committee. A good example of this would be Internet2’s TIER initiative. We applaud this vision and try to collaborate with them when possible. With this said 1. nothing is ever truly “free”, 2. they show a protracted timeline of 3 – 5 years before completion, and 3. their access management features are clear but their provisioning model still looks undefined. We would like to have a closer conversation with TIER as it relates to provisioning.
Conclusion: A good Identity Management infrastructure is critical for educational institutions. It creates a good ROI for the administration by having the automation required to onboard and off-board so many digital identities each year. It also enhances a cyber-security initiative by managing identities to include identity reconciliation, identity synchronization, and timely de-provisioning to ensure only authorized users have access to appropriate systems, and ensure access is removed at the right time. This ultimately reduces risk for the institution, as any issue of an identity breach is a bad headline.
Aegis Identity is committed to being the BEST solution for Identity Management Systems in the EdTech marketplace.