SSO application security is a shared responsibility between each of the system members and System IT. As part of the System IT responsibility, System IT has provided a number of resources to assist with the security review processes, including:
- Subject to some limitations, SSO automatically removes roles from terminated employees on a daily basis
- SSO’s Roles by Application, Employees with SSO Roles, and Employee Monthly Position Changes reports
- File Depot’s Guardian I-9 User List spreadsheet
- Operation of the SSO Role Review application for reporting Member-level and Department-level reviews
Additionally, SEA Support helps the Application Security Officers oversee the member institutions’ review processes.
SEA Support Review Responsibilities
In addition to providing security review resources and overseeing the review process, SEA Support is responsible for conducting a periodic role review of its own. If SEA Support finds questionable role authorizations, the authorizations in question will be removed at SEA Support’s discretion.
If a particular member institution is continually deficient in its security reviews, SEA Support may also involve the member ASO to enforce remediation.
In addition, SEA Support also conducts regular access reviews of these applications:
- Data Warehouse Report Portal
- Endowment Reports
- Event Registration
- HUB Reporting
- Insurance Billing
- System Real Estate
- UIN Search
Finally, SEA Support conducts regular access reviews of all applications’ global roles.