Single Sign On Clever for Schools with Norwin Herrera Artwork

Community IT Innovators Nonprofit Technology Topics

Community IT offers free webinars monthly to promote learning within our nonprofit technology community. Our podcast is appropriate for a varied level of technology expertise. Community IT is vendor-agnostic and our webinars cover a range of topics and discussions. Something on your mind you don’t see covered here? Contact us to suggest a topic! http://www.communityit.com

All Episodes

Community IT Innovators Nonprofit Technology Topics

Single Sign On Clever for Schools with Norwin Herrera

February 20, 2026 • Community IT Innovators • Season 7 • Episode 15

0:00 | 26:35

In this episode host Carolyn Woodard is joined by Norwin Herrera, IT Business Manager and Team Lead at Community IT. Together, they walk through a real-world case study of a public charter school that implemented a Single Sign-On (SSO) platform called Clever that can solve cybersecurity and accessibility challenges for adult or child students.

Strategic IT Leadership for Nonprofits

Unlike a traditional account manager, an IT Business Manager (ITBM) acts as a strategic partner, helping nonprofit leadership understand the technology landscape and make informed decisions that align with their mission. The ITBM role is unique to Community IT and is an example of a commitment to partnering with clients over the long term.

In this case, the goal was to find a SSO solution that could handle a complex mix of Chromebooks and Windows devices while remaining user-friendly for both adult students and faculty.

The Power of Single Sign-On

SSO acts as one door for all of your doors. By using Clever as an identity manager, the organization was able to:

Enhance Cybersecurity: Centralizing access allows for immediate offboarding. If a student or staff member leaves, closing one account automatically secures access to all others, prevents fraud, and saves money.
Automate User Provisioning: Through zero intervention integration with the Student Information System (SIS), accounts are created or deactivated automatically based on enrollment status.
Improve User Experience: Students no longer need to remember multiple different passwords for Google, Microsoft, Zoom, and Slack for example. One password provides access to all the apps they have access to as a student using a school device.
Reduce Administrative Costs: Norwin breaks down the ROI of SSO, comparing a small per-user fee against the hundreds of hours of manual labor required to manage accounts individually.

Change Management and Successful Implementation

A successful IT project is about more than just software; it is about people. Norwin explains why this project resulted in zero tickets and no complaints: it started with leadership buy-in and a commitment to clear communication.

Whether you are an executive at a school or a volunteer board member at a community nonprofit, this episode offers practical insights into how integrated cybersecurity and strategic IT planning can save your organization time and money.

Listen in to learn how your organization can move toward a more secure and efficient digital future by subscribing to the Community IT Innovators Technology Topics podcast.

_______________________________
Start a conversation :)

Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
email Carolyn at cwoodard@communityit.com
on LinkedIn

Thanks for listening.

Carolyn Woodard 0:22

I'm just going to record this and maybe it can be a podcast. And then can I just ask you questions about what you did? Okay.

Carolyn Woodard 0:30

Welcome everyone to the community IT Innovators Technology Topics podcast. I'm Carolyn Woodard, the host. And today we're going to learn more about a uh single sign on, which is a kind of uh cybersecurity um project, I guess you would say, uh, with Norwin Herrera. So, Norwin, would you like to introduce yourself?

Norwin Herrera 0:55

Hello, everyone. I'm Norwin Herrera. Uh, I've been in community IT for about six years now. And yeah, I work in the implementation of a single sign-on project for an organization.

Carolyn Woodard 1:08

And you are an IT business manager, and also you're the lead of that team, right? So can you just say a little bit about what an IT business manager is? I usually say they're like an account manager, but so much more. Because you all have both the technology background and technology skills and deep understanding and experience, but also a business background and a business kind of strategic thinking that you help the clients think through maybe how to get more value out of their IT infrastructure, maybe some improvements that they need to make, some strategic planning. So, can you talk a little bit about what you do as an IT business manager?

Norwin Herrera 1:50

Well, you just described it well.

Carolyn Woodard 1:55

And so you had this client, and I think they are a school. Are they a charter school?

Norwin Herrera 2:00

They're not they're a public charter school, yes.

Carolyn Woodard 2:03

Okay. And and um, so how did you did you do a software selection with them? How did you come to the understanding that they needed a more robust single sign-on? And how did you go about helping them with that strategic planning?

Norwin Herrera 2:20

Well, let's start saying that they didn't have a single sign-on project uh platform in place. So they asked us what is the best uh recommendation that we have for them. And I mean, there's some elements to have in mind. If you have a kid, you know what is clever, right? So everyone who has a kid already knows clever because that's the platform that this the students and the public schools are, some of the students and some public schools are using. So we know that from a fact that it is a simple sign-on and it's easy to use and it's helpful to your kids, right? So that was one element. The second element was because this this uh organization was not a kid's school, it's an adult school, but you know, uh making a decision to, I mean, having a decision to implement a project that has to be easy to implement, user-friendly, right? And if kids can get it, adults can get it. So that was like two more elements in play right there. And then the other element is have we done it before, right? Like we as a community have done it before, and the answer was yes. We already made it. We already implemented a project with single sign on using clever as the platform to do it. So we had the experience, we recommended to our clients something that we already knew, and obviously uh we we need the the glitches and the system, and and that's why we recommended. And the client says, I think we can go for it.

Carolyn Woodard 4:01

That's great. I want to just jump in and remind everyone that we are vendor agnostic. So um, you know, there are there, I'm sure there are many different single sign-ons, probably even some more that are uh oriented and designed just for public school systems for remote learning or for charter schools for remote learning. So this was the one that we chose. But as you said, this is kind of how you think through your strategic decision making. So we had the experience already of having used it. It was designed for this type of an implementation for schools, for their students to be able to. I mean, single sign-on, right? It's uh easier to log in. Can you describe a little bit what single sign-on is, just in case anyone doesn't know?

Norwin Herrera 4:45

Yes, single sign-on, obviously, you mentioned it before, it's a it's uh part of the cybersecurity roadmap that we have in community IT. So it's one of the multiple elements that we consider having in your cybersecurity infrastructure, right? So single signal is one single point to sign in, right? And the moment that you sign in into that platform, you will have access to other platforms in your organization. So it's easier for the user because they don't have to remember 10 passwords, right? Or 10 different logins. They only have to remember one login, and that login basically grants you access to the rest of the software in your organization. You can name it, right? Google, Microsoft, Zoom, Slack, um Zana, and whatever, you know, you name it. The the list of the of the uh software that are in your organization, you can basically include them in there. Obviously, if the single sign on platform allow it to be configured that way, right? In some scenarios, some of the uh uh software that does not apply for that software for clever, for example. So if it's not included, at least you can add the link in there, you know, and some people can go from the platform all the way to the other uh software that you want to give them access. So single sign-on is basically one door for all your doors that you have internally in the organization. And it's good because in the moment that the person departs from the organization, if you cut off that single sign-on access, you basically are cutting off access to the rest of the systems in your organization. So easy to get in, also easy to get them out.

Carolyn Woodard 6:39

Yeah, and I think for schools, single sign-on is really valuable because often you know the students will have the school property. It's their iPad or their laptop that they're using. And you, as the school, with a single sign-on, the student signs on, they only have to remember that one password. And then they have access through your device to the apps and programs that you have allowed on that device. So they can go to the things they need to go to for school, but they wouldn't be going to you know, apps that weren't appropriate or weren't allowed.

Norwin Herrera 7:19

That is true. I mean, in this particular case, we have um for this organization, we had a mix of devices. So we had some Chromebooks devices, which is make it a lot easier, and also we had some Microsoft devices. So we did something really, really interesting with this organization, having Clever as the identity manager is called. So basically, Clever is the one provisioning, and provision means creating their accounts in Google and also in Microsoft. I mean, you have to pay you have to pay a little cost to it, right? But uh that cost is is is like well vested because I think it's a dollar per user per year. So if you have 2,000 users, you pay $2,000 for the whole year, right? I mean, you can go lower and higher, but that's just to give you an idea, right?

Carolyn Woodard 8:16

And that would solve all of those headaches of trying to have managing all of those Chromebooks and all of the Microsoft devices.

Norwin Herrera 8:25

That's that is the comparison I was gonna give you. Like if you want to create a user in Google and also in Microsoft, it's gonna take you at least, let's say, 50 minutes per user, right? You go to one user and then you go to another user, and then for those one single user in two different platforms, 50 minutes, right? Multiply that for a thousand. So how many minutes you have in there?

Carolyn Woodard 8:49

Yeah, so that you're paying for.

Norwin Herrera 8:52

Exactly. So some people will say, no, that is expensive, or the project is uh to implement is like expensive because we pay $25,000, right? Let's say $25,000. So divide that $25,000 in every single student, how much is the cost, right? And then if you do that manually, you can basically compare that, right? And then you don't have the layer of security because oh, somebody left the organization and then you forgot to disconnect the account, it takes you a long time to realize, you know, use this is what happens usually in organizations that forget about closing some accounts. So in this particular case, you have two things time saving and money saving at the same time, and higher security, right?

Carolyn Woodard 9:40

Especially if you are talking about children, but I think even for adult students, like you don't want, yeah, you want to have that layer of security around them being able to do their schoolwork.

Norwin Herrera 9:51

That is correct. So therefore you have like three things in one. So if you do one project, we're gonna have basically you have a check for cybersecurity, check for doing an easy onboarding, and check for doing an easy onboarding, and also you can have a check for saving time and saving money.

Carolyn Woodard 10:10

And I think just the yes, you said that the onboarding and offboarding is easier, it's gonna save you time, so that'll save you costs. But then also from what you're talking about, I you must have some kind of dashboard in clever where you can manage those devices no matter which devices they are.

Norwin Herrera 10:29

That is correct. I mean, no devices. You can you can basically manage users.

Carolyn Woodard 10:35

Yeah, that's what I meant.

Norwin Herrera 10:36

Yeah, yeah, users, no devices. The devices are managed in a different platform. Differently, yeah. It can be an Azure or they can be in the Google console. There is there is one thing that is important to have in mind. In this particular case, the organization that I work with, we basically uh tie the onboarding and user creation to their own uh student system information. And so basically, the system who is creating the users are coming from their uh their main source of creation, which is the student information system. So basically what we did in this project was zero intervention. So in the moment that the student is registered in their organization, right, in their system, that system is the one sending the instructions to clever saying, hey, I have a new student, here it is, right? So the student information system sends the information to the student by uh one field. This field in this particular case is the status of the student. So if this if the status of the student is enrolled, automatically the system will send that information to clever and clever will have internally a trigger, right? So clever will ask itself, do I have this user in Google? If the answer is no, it will go ahead and create it. If the answer is yes, it's not going to do anything, right?

Carolyn Woodard 12:17

Right.

Norwin Herrera 12:17

Then it will ask Microsoft, do I have this user in Microsoft? If the answer is yes, nothing will happen. If the answer is no, then it will go ahead and push to create a new provision, right? Create a new user in their in their platform. So imagine there there is zero intervention in the way they're doing it. And where is everything coming from? From the student information system, which is most of the school have, right? They do have a mobile information system. So basically, we did this successful project, I will say, because we managed to get into their student information system connected to clever, and from clever connected to Google and Microsoft.

Carolyn Woodard 13:04

Sounds amazing. So, from can you talk a little bit about from the student's perspective? How easy is this?

Norwin Herrera 13:13

Super easy because before the student needed to remember one uh username and password for Microsoft, one username and password for uh uh Google, and then other other software that they have in there also they needed to remember that. So it was like a headache to be you know remembering all this one, two, three, four, five systems to get access to. Now everything is basically in one place. Also, think about this the systems now, Google and Microsoft are in are forcing you to have uh a compliance, uh eight characters, one uppercase, one lowercase, one number and symbol, right? So basically, what we did in this particular case was okay, let's make it simple for the student and let's create something that is very unique to them and also very unique, but we can can comply with this uh eight characters, uppercase, lowercase, number, and a symbol. So we managed to have something very, very creative for the students, easy to remember for them, and obviously easy to don't forget, don't forget.

Carolyn Woodard 14:31

I cannot tell you, just with my own kids, the number of times that, like in a class, they have to do Google Slides because that's how they have to turn in their assignment, but then they can't show it on the screen because it's a Microsoft something or other. So I think that's just um, it just must be so good for the students because you really want to lower their ability to say, oh, I couldn't do that assignment because I forgot that one password that has the app that I had to use for it.

Carolyn Woodard 14:59

And then from the administrators, you know, the the people that you work with at the school who may or may not be tech people, you know, how how was it for them to do this project? And is it easier for them to manage it all?

Norwin Herrera 15:15

It was easier because the the teachers were looking for it. So they were ready, they were already waiting for the project right to happen. And some of the teachers also have kids and they know what they're talking about.

Norwin Herrera 15:31

So just by that, because we knew that was a winning situation, and in the moment that we say, okay, we're gonna do this, we're gonna do this, and obviously we we prepare them, like we give them a heads up. It was not new to them. They say, okay, in this summer we're gonna implement single sign-on. So they knew and summer will come, right? Then at the moment that we launch it, right, we explained them what we did, we explained the decision-making process, we explained them how it's gonna happen and when what's gonna happen.

Norwin Herrera 16:01

And it was like this: easy to adjust for the teachers, easy to get for the students, and there was one caveat that we didn't calculate it in that moment, which was uh the the implementation of the integrating um Microsoft as well. So at the beginning of the project, we only considered Google for it. But then we realized we also can do it in Microsoft. And remember, they they this organization in particular have their devices in Azure. So since they are in Azure, we're using Autopilot Int. So Autopilot Intel means one single point of access to Microsoft account. So nobody who nobody can use that computer if it's not from that organization.

Norwin Herrera 16:47

So in the moment that we created the users from the clever console, basically we didn't need to do anything, everything was set. The student just needs to sign in in their computer, and automatically the computer was going to provision everything and then getting access to the computer and device, right? And the and the and then in the Microsoft environment. And the Google environment is easier because they are logging in with Google. So in the moment they log in, they already have access to. And the first step we pop up is the clever portal, so they know this is the way to go, you know? And then nothing is saved in there in those devices, just to have to have clarity, right? Students usually don't save data on their devices. The data is stored in a cloud, they have a system to learn. So basically, every single uh file, whatever they they work with, is in the cloud. So basically, those computers are like a tablet for them. You know, they just access it and then start working.

Carolyn Woodard 17:47

So they can work from anywhere as long as they have uh internet access. That's I mean, just what that's the you know, that's not the word golden goose, you know, like being able to do that as a student, and especially adult students uh at this school who are often, you know, working families, working parents, and they need to be able to work on their homework when they get a chance to.

Norwin Herrera 18:09

And the way I can tell you this this uh project was a success, because nobody has complained, and we have almost zero tickets, you know. Wow. Almost zero tickets. So it's it's just a glitch of some students who are returning students, but that's something that is easy to fix, you know. But you know, if in technology, when nobody complains, that means successful. We don't they don't need to say you're successful. We know it's successful because it's zero complaints.

Carolyn Woodard 18:40

Yeah, no, that is so amazing. I I love this project too, because you know, we often say that we want to partner with our clients and we want to be a trusted partner. So we know that our clients like they know what they want to do. Nonprofits always have very clearly they know what their business is, they know what their community is that they're working in, they know what they wish they would be able to do, but you know, they're not gonna be an expert in what technology is out there and available and is gonna save them money or is worth the investment. And that's what we come in.

Norwin Herrera 19:14

So we open an ITBM, right? That's exactly the ITBM job.

Carolyn Woodard 19:18

Exactly. Exactly. So we it's our job to know what the technology landscape is and what software is available or you know, that single sign-on exists, and it would be a good idea in this case. And then we work with the clients, and I that's why I love this uh project that you're talking about because it sounds like such a good partnership.

Norwin Herrera 19:38

It is, and and that's that's the most important piece that the organization understands how we work, you know, and they trust us, right? We're we're doing this, and then the good thing they need to know. I mean, everybody who wants to work with community, they need to know that we have plus 200 clients, and that's a hub for learning and improvement, learning and improvement. So basically, we're constantly being challenged and we're constantly learning, and we are constantly adjusting to those uh challenges that we face, and basically we improve little by little, little by little, little by little. So now when you're talking, also community has a very low rate of people who leave the organization. So some of our engineers have been in the company for 10 plus years. So it's people who know what they do, they know how to do it. I mean, we we have different styles, but at the end of the day, we know how to do the work. So that's important to have in mind.

Carolyn Woodard 20:33

Yeah, when you hire Community IT, when you partner with us, you're not just getting that single point of contact, or you're not just talking to the help desk. We're all talking to each other as a team behind the scenes, also.

Carolyn Woodard 20:47

So if you are working with one school and you have this incredibly easy implementation that went really well, that solved a lot of problems and challenges that school was having, then anyone else on your team who's also working with a school is gonna think, oh, maybe that would be a value that we could use with a different partner too. So we're always trying to figure out where, you know, we're working with nonprofits. So we always want to do what's gonna be in their interest to save them money, save them time, and make their it easier to do their mission. In this case, you know, having the students be able to work remotely.

Norwin Herrera 21:24

That is correct. Yep. We we are not there for, I mean, we don't want to partner with an organization just for a couple of years. We want to partner with them for a long time. And also the retention client time with us is I think it's one of the highest in the, I don't want to say in the country, but it's possible that it's one of the highest in the country.

Norwin Herrera 21:44

You know, it's it we have clients with us for more than 20 years, so that that tells you how good we are with them and how good they feel with us, right? Yeah. So we treat them equally, fairly, and you know, we give them our our best advice all the time. It's it's up to the organization to make the decisions, but we give them our advice, you know, and that's when the trust comes in play.

Norwin Herrera 22:08

So in this particular project, the organization knows us because we have been working with them for more than two years, and also uh they are willing to challenge their staff, you know. And tell them, hey, we need to execute this for you, we need to make it happen now, so be ready. And now the staff is ready for the change because change is difficult.

Norwin Herrera 22:33

And some people it's it's not easy to make a change and an adjustment, right? So that is important to have in mind too. If you want to make a change, first your leadership needs to be on board, right? As soon as your leadership is on board, you need to bring everybody on board. You're not gonna please 100% of your staff because that's not gonna happen. It's a reality, right? There is always one person who's gonna complain, there's always one person who's gonna be against the project, there is always one person who's gonna have a best better solution than one you're bringing in. But if you get stuck in that, you're not gonna make it. So the the important piece is leadership needs to understand that it needs to happen. And we will help you to make it happen. You know, then we create a good partnership.

Carolyn Woodard 23:18

Yeah, yeah. No, I mean, and this partnership is really uh just the longer we work with a client, I think the better we get to know them, the more able we are to help with big projects, help with little projects day to day, you know, see where we can help them make good IT decisions. But they make the decisions, as you said.

Norwin Herrera 23:40

They made the decision. We just give them our advice, you know, but and then we convince them sometimes. And sometimes they c onvince us, and I don't know what to say. Sometimes we just go for it, but uh sometimes, you know, we don't know, we don't have a hundred percent success, right? There's always a range of something happening that is out of our control. Technology-wise, we know what to do, but people-wise, it's difficult because it's

Carolyn Woodard 24:07

people are people,

Norwin Herrera 24:08

it's people are people, exactly. So, but you have to be mindful about it, right? And then you need to understand that that's the scenario you're gonna face. And that's it.

Carolyn Woodard 24:16

Yeah, no, somebody when I did the um change management webinar just a couple of months ago, it's all about people. Like technology doesn't exist in a vacuum of just technology. It's people who have to use it, people who make the decisions to invest in it, people who have to implement it, people who roll it out.

Carolyn Woodard 24:35

So um, yeah, it's really important to work with the people and do all of the change management that you talked about, making sure that the leadership is involved, making sure that there's a lot of communication, when we're gonna do it, why we're doing it, how it's gonna work, that you have mechanisms for people to give you that feedback, which it's so wonderful when there aren't any complaints and there aren't any uh tickets and negative feedback.

Carolyn Woodard 24:59

And I think that helps too when you're working with a partner who can do a really successful implementation like this one. Then all of those staff members who maybe were skeptical, you know, they can breathe a sigh of relief and be like, oh, this one this works, like this makes my life better and it makes my work easier. And uh, what are we gonna do next?

Norwin Herrera 25:19

Exactly. That's exactly what the message. What is next? And now we are working on cybersecurity with that organization, which is fantastic, you know, we keep it rolling, we keep improving every day. That's what we do.

Carolyn Woodard 25:33

Thank you so much for your time today, Norwin. I know you were super busy going from here and there and uh other things that you had to do, but I really want to thank you for sharing this uh case study with us today about clever single sign on. And um, it just sounds like it went so well. And I was really happy to hear about it.

Norwin Herrera 25:51

Thank you. My pleasure to share uh knowledge.