Educause Security Discussion mailing list archives
Re: Outsourcing Student Email - Security Concerns?
From: "Francis, Greg" <francis () ITS GONZAGA EDU>
Date: Thu, 26 May 2011 10:12:57 -0700
Hi Allen, At Gonzaga, those of us that dealt directly with student mail balked for more than a year about moving our students to a hosted e-mail solution because of technical. A lot of those concerns were tied back to service, reliability, security, and compliance. At the same time, we had issues with our local mail service for students (Horde/IMAP/Sendmail) with performance and storage allocation. We just couldn¹t match what the hosted providers offered. In talking with students, most of them were all for a hosted solution if it improved their functionality, performance and capacity. We also provide lifetime e-mail for our alumni so that was also an issue for us. Last August, we moved all of our students over to Google Apps for Education and it has been fairly successful. The biggest pain point was that we changed student¹s e-mail addresses because they shared the same address space as faculty and staff and we wanted the MX records to go directly to Google instead of passing through Gonzaga¹s mail system. That was a real annoyance to some alumni as well since they had had the same address for more than ten years. We don¹t get complaints about it anymore though. We chose to implement SSO for authentication. We don¹t replicate passwords to Google at all; the students end up touching a local page to authenticate using AD and then get passed back to Google once they¹re authenticated. This doesn¹t work for IMAP so if a student want to use IMAP for a mobile device, etc, they need to setup a separate IMAP password which may or may not be their AD password (encourage a different password). The migration certainly had its share of issues but I think that our students are happier with Google than they were with our internal mail system and they have a lot more capabilities and storage than we could have ever provided them in-house. There are some IT-side issues with things like mail tracing and mailbox review that we were able to do formerly that is more problematic in a hosted model. However, those issues are relatively small in comparison to the overall benefit. The biggest challenge that I believe we¹ll face in the upcoming year or so is the desire for faculty to collaborate directly with students through Google Apps. To date, we don¹t provision employees on Google (we are Exchange for employees) but we¹ll have to see how that plays out in the future. We did do an evaluation of Google Apps vs Microsoft Live@EDU) and ultimately chose Google. That evaluation is now more than eighteen months old and the services have continued to evolve so I can¹t speak to the relevancy of that comparison today. I will say that Google¹s provisioning and management systems were far less mature than we had hoped. They are continually improving though which is helpful. Greg On 5/26/11 8:04 AM, "Allen Wood" <awood () HILLCOLLEGE EDU> wrote:
Hello all, I work for a small community college and we¹re currently running Exchange 2010 for student email. Our VP likes the idea of using Google Apps for Education (or Microsoft¹s Live@edu) and freeing up that mail server for something else. I am leery of making the move and basically putting the student¹s Active Directory accounts in someone else¹s hands. I would think there are also possible compliance issues, but I haven¹t really studied that side of it yet. Have any of you ever made either side of this argument before? If so, would you mind sharing any info that you may have available that may help us decide outsourced vs. locally hosted, and maybe even Google vs. Microsoft? Thanks in advance for any info- Allen Wood
Greg Francis Director, Central Computing and Network Support Services 502 E. Boone Ave. Spokane, WA 99258-0092 509.313.6896 direct http://www.gonzaga.edu/its
Current thread:
- Outsourcing Student Email - Security Concerns? Allen Wood (May 26)
- Re: Outsourcing Student Email - Security Concerns? Walter Moore (May 26)
- Re: Outsourcing Student Email - Security Concerns? Kenneth G. Arnold (May 26)
- Re: Outsourcing Student Email - Security Concerns? Dr. Wole Akpose (May 26)
- Message not available
- Re: Outsourcing Student Email - Security Concerns? Charles Polisher (May 26)
- Re: Outsourcing Student Email - Security Concerns? Gene Spafford (May 26)
- Google Apps additions Plesco, Todd (Jun 14)
- Re: Google Apps additions Jesse Thompson (Jun 14)
- Re: Google Apps additions Theresa Rowe (Jun 14)
- <Possible follow-ups>
- Re: Outsourcing Student Email - Security Concerns? Radford, Jennifer (May 26)
- Re: Outsourcing Student Email - Security Concerns? Barron Hulver (May 26)
- Re: Outsourcing Student Email - Security Concerns? Walter Moore (May 26)
- Re: Outsourcing Student Email - Security Concerns? Francis, Greg (May 26)
- Re: Outsourcing Student Email - Security Concerns? Mike Porter (May 26)
- Re: Outsourcing Student Email - Security Concerns? Dr. Wole Akpose (May 26)
- Re: Outsourcing Student Email - Security Concerns? Allen Wood (May 26)
- Re: Outsourcing Student Email - Security Concerns? Walter Moore (May 26)
- Re: Outsourcing Student Email - Security Concerns? Jesse Thompson (May 26)
- Re: Outsourcing Student Email - Security Concerns? Walter Moore (May 26)