Designing Organizational Unit Structures
Technical Writer for Kincaid IT
The design of OUs is very flexible and can be as simple or complex as your needs drive. Just keep in mind, you have to maintain what you create and be cautious of ensuring that newly created OUs over time get assigned policy in your content filter.
With the growth of integrating systems and the use of single sign-on (SSO), it is important to thoroughly consider the interdependencies that will exist when designing the structure of your domain’s organizational units (OUs). With Google, your services are turned off and on at an OU level. Other services and applications as well as integrations with active directory domains play a key role in how you structure your OUs.
Securly content filtering allows you to apply your filtering settings based on OUs that are imported from Google. When designing your OUs with this in mind, here are some things to consider.
- Are you syncing your Google environment with Active Directory (AD)? Do you push certain settings to specific building users such as printers or mapped drives? If so, you will need to consider the policies you are leveraging in the active directory and the scope of users for each of the policies. You may find you need to adjust AD implementation to bring these environments together.
- Separation of staff and students is always important. These are diverse user groups.
- Administrators access to the reporting features such as the access that Securly provides for emotional wellbeing support with Flagged Activity is applied by OU. With this in mind, consider creating a structure that allows you to give access as appropriate for these users (i.e. by building).
- Ensure that your OU design allows you to accommodate separate policy if needed for different grade levels and age groups. Social media and networking access through content filtering is often age driven. Students generally are turning 13 in grade 7, putting them at the allowed age by many social platforms to have an account. This is also a key age for the Children’s Online Privacy Protection Rule (COPPA).
- One-off needs may also require special consideration. Perhaps you have a student group that needs access to a site that is normally not allowed for a school-sponsored activity or you want to block a student from social media due to a discipline request. Securly allows you to do this with a custom group – no sub-OU’s required. If you have other settings that need to be different for this group of users, you may already have them in their own OU in which case it is simplest to then apply the special content filter policy to the OU.
The design of OUs is very flexible and can be as simple or complex as your needs drive. Just keep in mind, you have to maintain what you create and be cautious of ensuring that newly created OUs over time get assigned a policy in your content filter.
How We Can Help
Kincaid IT can help your school or district review the OU structure in one of our Audit KITs to ensure that it is the best fit for the specific needs. You can also leverage our technical team’s expertise in cloud systems via our Assist KIT’s technical support hours.