Login Company Products Services Careers Contact Search Request a Demo Parent or Student Teacher Current Customer Future Customer
Section Icon

NASIS 2.0

Enhanced security requirements

PIV – Personal Identity Verification

Required for Tier 1 NASIS users (Bureau-operated schools only)

PIV Card Authentication Registration Process Added – (Released in Campus.2116) PATH: System Administration > User Security > User Preferences Management > Login Security Settings 

PIV Card authentication functionality has been updated to include a more streamlined registration process. These updates allow PIV Cards to fully work as a means of authenticating and logging into Infinite Campus. For a complete walkthrough of this process, see:

Two-Factor Authentication (also known as 2FA/MFA)

Required for all users except parents and students. 

As an increased layer of protection for Infinite Campus accounts, user accounts can be enabled with device-based two-factor authentication functionality. When enabled, users are provided a unique QR code and Text Code which requires them to authenticate their account using a device and an authenticator application (such as Google Authenticator, Authy, LastPass, etc).

Two-factor Authentication Video

45-day Inactive Accounts

Applicable to ALL NASIS users

Any accounts that have not been used within the set period will be deactivated and will require the school NASIS admin to reactivate.

Tier 1: Administrative Users

Contractor system administrators, database administrators, network administrators, application developers, help desk/support staff and BIE/BIA employees serving as system administrators. These users are required by DOI, DHS, OMB and NIST guidelines to be provided access the system using HSPD-12 compliant screening process and DOI mandated PIV access cards.

Tier 2: State/District Users

Tier 2 state users are BIE employees who have PIV cards. These users have state level access to reports that utilize read-only data across all BIE-funded schools. There are two Tier 2 district users at each school, one school administrator and one designee that because of their job function will have access to PII data (across public internet connections). This level of access may also include BIE employees who have PIV cards. BIE employees with PIV cards are required to access the NASIS 2.0 system using PIV authentication as prescribed for Tier 1 users. All others are required to use a NIST SP 800-63 compliant multi-factor authentication mechanism to access the NASIS 2.0 application.

Tier 1 and Tier 2 Account management - IA manages bureau users and school’s system administrator accounts using the automated Identity Information System (IIS). This includes establishing, activating, modifying, reviewing, disabling and removing of NASIS 2.0 accounts. Accounts are established by the user initiating a request through IIS. Next, the IIS request is automatically sent to the supervisor for approval. After access is approved within IIS, the user completes the NASIS 2.0 user ID/password request form, and has it signed by the supervisor. The state user then sends the form and the Federal Information Systems Security Awareness (FISSA) certificate to the NASIS 2.0 state edition system administrator to create the user account. The school level district user sends the same form and the FISSA certificate to Infinite Campus to create the user account. Once an account has been created, the system administrator notifies the user via email of their user ID and temporary password with instructions that the user will be required to create a new password. Upon a change in a school NASIS system administrator (technical contact) the school contacts Infinite Campus by creating a Salesforce case to remove the technical contact and to create the new technical contact user account. Infinite Campus' support staff will attach the NASIS designation form to the Salesforce case that is filled out by the district and must be signed off on by the school’s principal or superintendent. Once the form is received back from the school with a current FISSA attached, a campus support staff will create the requested account.

Infinite Campus system administrators maintain the infrastructure for the application. All users are in the Infinite Campus Microsoft active directory and are added to a specific active directory group that allows them to connect to the NASIS 2.0 equipment.