Really curious now - is it that the application itself requires an MFA / 2 factor or that it is accessible through the school's MS / Google or even LMS environments?
I know that I usually try to look at how the tool integrates with other existing systems, and, more specifically, the learning management system or productivity suite of the school. Some strategies for academic technology providers have been to try to provide a solution for all types of log in - MFA, login button in the productivity suite, login button from the LMS. My preference has always been the "keep-it-simple" method and making sure that the faculty logs in to their "portal" for the school (LMS usually) to then find the academic technology within. In that faculty are already familiar with one of the larger systems of the school or organization where they are already required to log in with MFA it doesn't create a completely new process for getting to the tools they want to use (and solidifies them in their usage of the LMS or workspace). Since the other underlying or connected systems and technologies provision up from there it means that they don't have to keep track of more login methods, credentials or unnecessary login challenges.
Just an aside - I also found it a great way to ensure that the students are also protected on their accounts (when working with high schoolers and university students in particular).
Standalone is always an option, but it means that there is a lot of extra energy put in to uploading and inputting information manually, plus it means that you're doing a lot of exporting of data from an existing database into a local device to move it to another database. It can introduce security risks, and also can be a little bit intense if you encounter periods of "add/drop/swap" or admissions where student populations change their dynamics.
The tricky part of all of this is to find out this kind of information - MFA, what an integration might mean, who or what will handle the data processing - upfront in those first crucial discovery moments when looking at new services or online tools.
Thanks, Scott and William! It's always interesting to reflect on why certain decisions were made in the past as well as how one can think for the future in selecting technologies!
------------------------------
John Dimaria
Customer Success Manager (North America)
Digiexam
Stockholm
------------------------------
Original Message:
Sent: 03-20-2024 04:23 PM
From: William Stites
Subject: TOP 10 things to consider when using a new service or online tool…
Two-factor/MFA and privacy concerns are big items to consider for sure!
------------------------------
William Stites
Montclair Kimberley Academy
Montclair NJ
Original Message:
Sent: 03-15-2024 12:24 PM
From: Scott Davis
Subject: TOP 10 things to consider when using a new service or online tool…
These are high on my list when asked about new tools:
For a tool used by faculty and staff: Does it require two-factor authentication? If it doesn't, I'll recommend finding a different tool
For students: What are the age restrictions, does their privacy statement say anything about CIPA/COPPA/HIPAA compliance. Is it ad-supported?
------------------------------
Scott Davis
Edu-Tech Academic Solutions
Original Message:
Sent: 03-14-2024 05:06 PM
From: William Stites
Subject: TOP 10 things to consider when using a new service or online tool…
Why does a school need to evaluate any professional technology tool or service (and why should you evaluate them in your personal life)?
TOP 10 things to consider when using a new service or online tool…
What am I agreeing to?
Creating an account = signing a contract. Each time you accept or agree to "terms of service" (ToS), you sign a contract between you/MKA and the service.
What information am I sharing?
Each time you accept or agree to a "privacy policy," you provide access to information/data. Who has access to the service? How is the data managed and deleted when the service is no longer used?
There is no free lunch!
Even if the technology tool or service says it's "free," there is still a hidden cost… the price is data you agree to share when you accept the ToS and privacy policy.
Wait… I need to upgrade to do that?
Free is the hook to get you to spend. Whether it's a limited "taste" or a "free trial" to get you started, you must pay for the features you want, remove the ads, or keep using the product.
They aren't asking for much.
Whether it's data or money, even a little bit adds up. Dollars add up for each account. Data shared is data that can be exposed or used in unintended ways.
Money doesn't grow on trees.
We all have budgets in our lives and need to work within them.
How many tools are enough?
There are a lot of apps, services, and tools out there that do similar things. How do we choose which ONE to use, understand, and support?
Wait… how does that work?
How many tools can someone use and still remember how they all work from one situation to the next? Management, support, consistency of use, and experience grow as we use more and more apps/services.
I forgot I have that account.
How many accounts do you have for service that you forgot you even had? What information did you share with them, and how long have they held on to it?
It's not the first domino to fall… the long game.
Even data that may seem minor or insignificant if sold or part of a breach can be combined with other pieces to create a complete picture. This can happen immediately or after years of collecting data from various sources.
What would you add to this list?
Be sure to check out the related article "Managing Vendors and Vetting New Products" in the Spring edition of Access Points magazine.
#ITSystemsandSupport
------------------------------
William Stites
Montclair Kimberley Academy
Montclair NJ
------------------------------