What Is WISEsecure?
WISEsecure is a DPI WISEhome secure application. The WISEsecure application allows District Security Administrators and Application Administrators to securely assign or remove user access to WISEhome applications, data reporting tools, and other tools stored in WISEhome like School Directory and PI-1207.
Users can access WISEhome applications based on their user roles. More information about DPI's applications and user roles association with each application is on the WISEsecure Roles webpage.
Three User Roles within WISEsecure
- DPI Admin: only for DPI staff
- Districts Security Administrator (DSA): assigned to LEA staff
- Application Administrator (App Admin): assigned to LEA staff by the DSA
- NOTE: A single user can hold both the user roles of DSA and App Admin at the same time, or a different person can have each role.
This page includes step-by-step instructions for DSAs to follow to perform these DSA-specific tasks in WISEsecure.
WISEsecure Task Guide for DSAs
Click the links below to navigate to different section of this page:
Information About the District Security Administrator (DSA) Role
The District Security Administrator can either be the District or Choice Administrator (Superintendent) or an individual the District Administrator appoints.
The District Administrator is responsible for either acting as the District Security Administrator (DSA) or delegating that authority to another person.
NOTE: This is similar to a person who assigns roles and manages access to the district's student information system (SIS).
The District Security Administrator, or DSA, controls which district and school personnel have access and how much access each person has. The DSA should have detailed knowledge of school/district security, of data functions throughout the local education agency, and of DPI’s WISE applications. They are responsible for the agency's data privacy policies required under §118.125(2). Refer to the Student Data Privacy Resources page for more information.
DPI recommends that each agency limit the DSA role to one or two DSAs.
DSA Role - Tasks
In WISEsecure, district security administrators (DSAs) can perform a variety of important security tasks. DSAs can:
- assign other users as application administrators,
- designate with which email address domains users can sign into WISEhome,
- review which applications each user can access, and
- revoke application access for users who no longer need access or who leave an organization.
- DSAs can also grant normal application security and user roles.
- For instructions on assigning user roles in WISEhome applications, refer to the Assign Access to WISEhome Applications webpage.
The District Administrator Authorization Form
DSAs can access every feature in WISEsecure. To request that DPI assigns you as a DSA for your organization:
- Create a WAMS ID associated with your district email address. To do so, go to WAMS self-registration.
- Use your WAMS username and password to log in to Footprints.
- Complete the District Administrator Authorization Form. This submits a request to DPI that you need to be assigned the role of DSA.
- This indicates that you understand student data privacy and confidentiality as well as the responsibilities of a DSA, and that you pass along the knowledge to any delegates.
- Your District Administrator will update the form, review responsibility, sign, designate or remove DSAs, and submit the form for approval.
- If the District Administrator chooses to delegate the DSA role, the District Administrator must have the delegate's WAMS ID before making the request on the form.
2. The DSA gains access to the District WISEsecure Security Administrators lookup application.
3. The DSA logs in to WISEhome and assigns or removes Application Administrators for each application.
4. The District WISEsecure Security Administrators lookup application sends an email to the users assigned or removed, notifying them of their access.
Refer to the following user guides for instructions on how to use WISEsecure as a DSA:
Quick Training Video for Completing the DSA Set-Up Form for School Administrators
Running time: 4 min. 3 sec.
- WISEsecure: Tasks for District Security Administrators (DSAs)
- Includes instructions for assigning application administrators, designating approved email address domains, reviewing user access permissions, and off-boarding users.
- WISEsecure: Assign Access to WISEhome Applications
Assign User Roles for an Application and Review User Access Permissions
To learn how to assign user roles for a WISE application, and how to review user access permissions, visit the Assign Access to WISEhome Applications webpage.
Assign a User as an Application Administrator
If desired, the DSA can delegate role assignments and removals to an Application Administrator. Application Administrator roles are app-specific and optional. Depending on the district or school's workflows, it may be helpful to assign an Application Administrator to some apps and not others. WISEsecure allows for flexibility.
To learn how to assign the specific user role of Application Administrator, visit the Assign Access to WISEhome Applications webpage.
Designate Approved Sign-in Email Domains
Users can log into WISEhome with an email address in an approved email domain. The email domain is the part of an email address that comes after the @. For example, DPI employees have the email domain @dpi.wi.gov. As a DSA, you specify with which email domains users can sign into WISEhome at your organization. To do so:
1. Go to the Email Domain Restriction page in WISEsecure.
2. To add a new approved email domain, enter the domain in the Email Domain field, including the @ sign, and click Add.
3. If there are email domains you no longer want to allow, click Remove next to the email domain to remove it from the approved list.
4. In the User Lookup From list, you can determine how users are able to log into WISEhome. Select WISE ID to allow users to sign in using email addresses using Google Cloud Directory Sync. Select WAMS to allow users to log in using a WAMS ID. You can select both options if you want both to be available.
Offboard Users
When a user leaves your organization or otherwise no longer needs access to WISEhome applications, you can quickly remove their user roles on the Offboard Users page. To do so:
1. On the Offboard Users page, search for a user by Email, First Name, or Last Name.
2. Select the user from the list of results, then click Review User Access to open the Offboard User (Remove Access) form.
3. On the Offboard User (Remove Access) form, double-check to make sure you want to remove the user's access to all WISEhome applications. If so, click Revoke All Access.