Account and Access Control Management

Security Domain

CIS Control 5 – Account Management, Control 6 – Access Control Management
NIST CSF – Protect: Identity Management, Authorization, and Access Control (PR.AA)
NIST 800-53 – Access Control

Service Description

The NCEdCloud Identity and Access Management (IAM) Service provides every K-12 student, teacher, staff member, parent/guardian, and school community member in North Carolina an account, with a single credential that enables access to cloud based learning resources.

We Treat Online Identities as Unique and Valued People

Product

NCEdCloud IAM Service / RapidIdentity via Identity Automation

Key Benefits

SSO with MFA into state applications
Same credential for both state and local systems
Automated provisioning and de-provisioning (Identity Lifecycle Management)

Cost to PSUs

No cost – funded by School Connectivity Initiative and NCDPI K-12 Cybersecurity Program

PSU Time Commitment

Upfront/Setup: Varies based on PSU (All PSUs are enrolled in this service)
Ongoing: Varies based on unique PSU environment

How to get this service

Contact NCEdCloud IAM Service POC for more information

Point of Contact

Name: John Mairs, NCDPI
Email: John.Mairs@dpi.nc.gov

Resources

CISA and NSA – Identity and Access Management Recommended Best Practices for Administrators
CISA and NSA – Identity and Access Management: Developer and Vendor Challenges