Monday, 1 June 2009

Outsourcing email and identity provision

Once upon a time I ruminated about universities outsourcing email, and certainly as far as student email goes it seems to be close to a no-brainer. After all if they don't like/use the service you provide why not give them the service they do want (or not).

However I always had a vague unease about the whole process. Not about the mechanics, but about the process. The same goes for the argument about why bother to provide email at all.

And now, since happening across another post on outsourcing email I know why I felt this unease. The problem is not email, it's identity management.

Increasingly we live in a world based around federated identity, or more accurately services such as Webassign, which are reliant on federated identity, ie the ability of institutions to assert that a certain identifiable individual is associated with that institution. And often its the student email address that is used to identify the individual using whatever technology we use.

Now the interesting thing about outsourcing email is that we segue into using windows live id, OpenID or whatever as an alternative identity federation service, for no other reason that it lets users of our systems access these shiny useful extras such as google docs or blogger, and we don't have to host it ourselves.

And ever so slightly we've begun to lose control of being able to make the assertion that X is associated with Y institution and is thus entitled to Z where Z can be anything from LMS access, using the print system, online access to specialist digital content ...

No comments: