ctcLink Reference CenterResourcesPMO - Project InformationCurrent ProjectsSecurity Administration System Improvement [SASI] Project Information Guide

Security Administration System Improvement [SASI] Project Information Guide

Purpose: As the effort to define Security Administration System requirements has evolved with the College Advisory Group, this guide is being re-branded to address broader improvement efforts for how our system manages security administration.  This guide will now be referred to as the Security Administration System Improvement Project.  The information is intended to aid in framing out the next steps to develop a set of project activities to address college needs associated with more effective ctcLink Security Administration tools.

The guide provides:

  • High-level guide - Next steps to keep us moving through each project phase.
  • How college Subject Matter Experts (SMEs) can get involved and stay informed on project progress.
  • Background information project historical content.

Audience: College Subject Matter Experts (SME) interested in ctcLink Security Administration and Security Audit Reporting

Updates:

  • Important Project Announcement - SASI Project Re-Brand Please refer to the announcement in the Background Information section.
  • SASI College Advisory Group members were selected on August 14, 2023.  Please refer to the College Involvement section to view the list of advisory group members and to view regular meeting recordings and materials.

 

High-Level Project Phases - Updated! 05/28/2024
Phase 1:  Discovery, Planning and Design Work Packages

This phase will set the stage for all remaining project phases. In this phase the following will take place:

  • [Completed] Establishment of a College Advisory Group
  • [Completed] Define and Prioritize Security Administration System Requirements
  • [Completed] Review Requirements and Security Administration Business Practices for Functionality Fits and Productivity/Audit Gaps
  • [Completed] Detail Gap Analysis and Vet/Document Solution Approaches
  • [In Progress] Secure College Buy-Off on Solution Design(s)
  • [In Progress] Secure Governance Approval to Address Solutions
Solution Design Work Package List
#0A - Off-Boarding [In Development, see ticket 140891]
  • Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
    • Requirement SA-019: More automated off-boarding capabilities around roles/secondary security.
#0B - SACR Security Using LaunchPad [COMPLETED- CS Launchpad updates moved to Production 3/21/24]
  • #0B - SACR Security Using LaunchPad [COMPLETED- CS Launchpad updates moved to Production 3/21/24]
    • Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
      • Requirement SA-020: Ability to copy SACR/UPDS from one user to another or from a standard template based on position.

Solution Overview Presentation from Monthly Security Meeting:

#0C - User Preference Definition Using LaunchPad [COMPLETED- FS User Preferences Launchpad updates moved to Production 12/26/23]
  • Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
    • Requirement SA-020: Ability to copy SACR/UPDS from one user to another or from a standard template based on position.
#1: Role Grouping Templates
  • Draft Solution Design Document Presented to CAG Group on 02/27/2024 - Under Review by CAG
    • Requirement SA-024A: Ensure any role doesn't present an SOD issue.
    • Requirement SA-024B: Role Groupings Do Not Allow for Grouping of Roles that Would Violate SOD.
    • Requirement SA-018: Ability to assign roles by role groupings/positions.
    • See 02/27/2024 CAG Meeting Minutes for Discussion

Draft Solution Design Document for SD #1 Role Grouping Templates:

  • Feedback and Decision Timeline for Work Package #1
    • 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
    • 4/16/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
    • 4/19/2024: Feedback Update in SD document and republished
    • 4/22/2024 to 4/26/2024: College Sign-Off Period
    • 4/26/2024: College Sign-Off Was Completed by 5PM
#2: Security Reporting Dashboard
  • Draft Solution Design Document Presented to CAG Group on 03/12/2024 - Under Review by CAG
    • Requirement SA-015: Better reporting capabilities for Secondary security;  ability to compare users for SACR/UPDS
    • Requirement SA-023: SOD Reporting between pillars
    • Requirement SA-034: Add a LSAs Workcenter to build custom security groups for employees, where the SACR and UPD security setting that are assigned to an employee are visible on one page or Workcenter...which could include a query access paglet tab. Have a query description where you can select a query, then the roles are added to the user.(Dashboard reporting)
    • Requirement SA-004: When an employee works at multiple colleges, system should provide capability to display role access granted by a specific college either through an Inquiry View or Report.
    • Requirement SA-022: Tracking and Reporting of Approvals and Role Assignments, including SACR, UPD, Faculty Advisor Table, supplier, Procurement Card Permissions, Requester Setup, Tables (Query Record Access), AWE and employee management.
    • Requirement SA-007: The ability to see an employee's portal (Oracle Integration Hub) roles.
    • Requirement SA-016: A visual representation of security Permissions in PeopleSoft Navigations menus
    • Requirement SA-017A: Ability to compare security access differences between users in a single environment.
    • See 03/12/2024 CAG Meeting Minutes for discussion.

Draft Solution Design Document for SD #2 Security Reporting Dashboard:

  • Feedback and Decision Timeline for Work Package #2
    • 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
    • 4/16/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
    • 4/19/2024: Feedback Update in SD document and republished
    • 4/22/2024 to 4/26/2024: College Sign-Off Period
    • 4/26/2024: College Sign-Off Due by 5PM
#3: Role Approval Workflow
  • Draft Solution Design Document - Security Team Documenting Design Ideas - Presented to CAG on 04/09/2024
    • Requirement SA-001: Employee must have the ability to request a security role be added to their user profile.
    • Requirement SA-002:Manager or role evaluator will be notified of a role request, with the power to edit the role request prior to approval.
    • Requirement SA-012: Ability to input an ID of who approved the security role exceptions.
    • Requirement SA-026:  Role Access Requirement Warnings (e.g. Requisition Process). Upon role assignment, generate a warning message that alerts LSA to requirement secondary security needs. ​
    • Requirement SA-030A:  Upon role Request submission, prompt either requestor or reviewer to with SACR Security Page requirements.
    • Requirement SA-030B:  Optimally, prompt for requested values for approval.   ​
    • Requirement SA-031:  Upon role request submission, where Institution Default values exist, provide a means for auto-populating in the request the standard default values for that requestor's institution, to be picked up on the approval workflow and automated assignment.​
    • Requirement SA-032:  Upon role Request submission, prompt either requestor or reviewer to with User Preference Definition Security Page requirements. Optimally, prompt for requested values for approval.   Though User Preferences has so many options/areas to check a box, and many of them we don’t know what they do (not really documented).  So not sure how this warning would work.  Probably would work better for CS roles requiring SACR. ​
    • Requirement SA-041:  Employee, Employee's Manager or Pillar Lead should all be able to initiate a role/role group request. ​
    • Tangentially Relevant Requirement SA-042: Provide a means by which each college can designate that a role applies to the work at that BU

Draft Solution Design Document for SD #3 - Role Approval Workflow:

  • Feedback and Decision Timeline for Work Package #3
    • 5/09/2024: Review Solution Design at Monthly Security Administrator Meeting
    • 5/14/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
    • 5/24/2024: Feedback Update in SD document and republished
    • POSTPONED: College Sign-Off Period
      • Link (open during period outlined above): Placed on hold while we incorporate user feedback.
        • (See sample of the survey questions in the pdf below for socializing on your campus)
    • ON HOLD: College Sign-Off Due by (TBD)
      • The SBCTC Security Team received a good amount of feedback, some of which revealed major differences in the base business practices and protocols for User Access Request processes across the colleges. With the number of ideas proposed during the feedback loop and the number of business practice differences the team felt it would be best to review the underlying requirements and functions of the solution with the Security Administration System Improvement (SASI) College Advisory Group (CAG) to determine if college provided updates to the solution should be included.
      • Due to this extra effort, the team has decided to pause on the sign-off of the existing Solution Design for Wk Pkg #3. Once the SASI CAG members have provided their input on the solution design review, the updated Solution Design document will be posted to the ctcLink Reference Center and a new survey sign-off period will be established.
#4: Data Masking for Cat 4 Data Security
  • Draft Solution Design Document - Security Team Documented Design Ideas - Targeted to Present to CAG on 03/26/2024
    • Requirement SA-013: Protect Category 4 Sensitive Data.

Draft Solution Design Document for SD #4 - Masking for Category 4 Data Security:

  • Feedback and Decision Timeline for Work Package #4
    • 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
    • 4/23/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
    • 4/26/2024: Feedback Update in SD document and republished
    • 4/29/2024 8AM to 5/3/2024 5PM: College Sign-Off Period
    • 5/3/2024: College Sign-Off Due by 5PM
#5: Comparison Tool for User Profiles Across Environments
  • Draft Solution Design Document Not Started - Security Team will hold feasibility discussion with College Advisory Group on May 14, 2024 meeting.
    • Requirement SA-017B: Ability to compare security access differences between a user in two environments
#6: Okta Shell Roles for Third Party Access Notices
  • Draft Solution Design Document - Security Team Documented Design Ideas - Targeted to Present to CAG on 03/26/2024
    • Requirement SA-043: A tracking mechanism with pop-up announcement that appears when offboarding an individual to also inform staff they need to offboard in LegacyTranscripts, LegacyLink (and any other third party applications we can incorporate).

Draft Solution Design Document for SD #6 - Okta Shell Roles:

  • Feedback and Decision Timeline for Work Package #6
    • 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
    • 4/23/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
    • 4/26/2024: Feedback Update in SD document and republished
    • 4/29/2024 to 5/3/2024: College Sign-Off Period
    • 5/3/2024: College Sign-Off Due by 5PM
#7: College Identification of Desired Role Assignment
  • Discussion at January 23, 2024 CAG meeting was to have either a separate Work Package or include in Work Package #3. Decision by Security Team was to have the following requirements included in Work Package #3 - Role Approval Workflow.
    • Requirement SA-009: Warning messages of when certain roles have to be paired together. For example, you need ZD_DS_QUERY_VIEWER if you want an employee to have the ability to run any other query (aka Companion Role Identifier)
    • Requirement SA-026: Role Access Requirement Warnings (e.g. Requisition Process). Upon role assignment, generate a warning message that alerts LSA to requirement secondary security needs.
    • Requirement SA-042: Provide a means by which each college can designate that a role applies to the work at that BU.
#8: KT on Query of Portal Roles
  • Solution Design Document - See Work Package #2
  • Requirement SA-007: The ability to see an employee's portal (Oracle Integration Hub) roles.
    • This effort necessary to address this requirement was included in Work Package #2 - Security Reporting Dashboard, therefore no additional effort is needed for Work Package #8.
#9: Auto-assign Route Control BU
  • Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/11/2024
#10: Dynamic Assignment of SACR Institution Security for Active Inst/Adv Table Entries
  • Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/11/2024
#11: Name Change Dynamic Sync Across All Pillars and Okta (AD)
  • Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/25/2024
#12: SOD Warning Pop-Up on Role Assignment
  • Draft Solution Design Document Not Started - Target TBD
Solution Design Review and Sign-Off

During Phase 1: Discovery, Planning and Design the team will document the solution design for implementing each aspect of the product.  

The Solution Design Documents (SDD) are intended to be plain language overviews of the challenge being addressed and what will be done from a functional and simplified technical design perspective to solve the problem with the implementation of any security administration system improvement efforts. 

These SDDs will be posted to this SASI Project Information Guide as they are completed. 

A sign-off survey will be distributed to ensure all colleges have the opportunity to review and sign off on the design before moving into the next project phase(s). While each college district will have only one vote, all college SMEs will have the ability to review the SDDs for a better understanding of how this product will be implemented.

  • Work Package #1 - Role Grouping Template - SD Approved, ER Approved
  • Work Package #2 - Security Reporting Dashboard - SD Approved, ER Approved
  • Work Package #3 - Role Approval Workflow - SD On Hold
  • Work Package #4 - Category 4 Data Masking - SD Approved, ER In Progress
  • Work Package #5 - Comparison Tool for User Profiles Across Environments - Not Executed (See  5/14 SASI CAG Meeting Minutes or listen to 00:01 to 00:14 min of Recording)
  • Work Package #6 - Okta Shell Roles for Third Party Access Notices - SD Approved, ER In Progress
  • Work Package #7 - College Identification of Desired Role Assignment - Not Executed as it was merged with Work Package #3 (See 5/14 SASI CAG Meeting Minutes or listen to 00:17 to 00:18 min of Recording)
  • Work Package #8 - KT on Query of Portal Roles - Not Executed as it was merged with Work Package #2 (See 5/14 SASI CAG Meeting Minutes or listen to 00:18 to 00:19 min of Recording)

The below 4 Work Packages are on hold as we focus on #1, #2, #4 and #6. This is briefly discussed in 5/14 CAG Meeting (00:31 to 00:33 min of Recording)

  • Work Package #9 - Auto-assign Route Control BU - On Hold
  • Work Package #10 - Dynamic Assignment of SACR Institution Security for Active Inst/Adv Table Entries - On Hold
  • Work Package #11 - Name Change Dynamic Sync Across All Pillars and Okta (AD) On Hold
  • Work Package #12 - SOD Warning Pop-Up on Role Assignment On Hold
Phase 2: Security Administration Productivity Improvements

This phase includes the following:

  • [Not Started] Develop, Train and Implement Phase 1 Approved Security Administration Productivity Improvements.
    • Commence Development of Work Packages
    • Commence Testing of Work Packages
    • Provide Training Materials
    • Implement Work Packages
  • [Not Started] Determine need for future release phases based on results of Phase 1 and Phase 2 work.
College Involvement (Advisory Group Meeting Minutes) - Updated! 07/12/2024

There are many ways college staff can stay apprised of Security Administration System Improvement (SASI) Project activities or can get involved.  Below are key communication channels with college engagement possibilities:

SASI College Advisory Group (+ Meeting Minutes)

The SASI College Advisory Group works with the SASI Project Leadership Team to provide immediate feedback on business practices, design options, and current security management challenges.  The group meets regularly on the 2nd and 4th Tuesdays, from 2 to 3 p.m. 

Group responsibilities include:

  • Participate in Semi-Monthly (Tuesday afternoon) to give feedback on project activities or questions
  • Be available for Ad-Hoc Feedback Loops (as needed) on College Business Practices
  • Participate in Requirement Clarification Sessions 
  • Provide Early Feedback on Solution Design Materials
  • Participate in Solution Design Feedback Sessions as Change Champions and Thought Leaders
  • Respond to Surveys for Solution Design Decisions
  • Provide Input on Testing and Training Plans
  • Participate in User Acceptance Testing
SASI College Advisory Group Meeting Minutes
July 23, 2024
  • WVC Demo Recording ThoughtsContinue Review of Work Package #3 Feedback (LSA Community)
  • Discuss OCM/Test Prep/Campus Communication
  • Next Steps

Meeting Recording: Link

Slide Deck and Meeting Minutes:

July 9, 2024
  • Continue Review of Work Package #3 Feedback (LSA Community)
  • Next Steps

Meeting Recording: Link

Slide Deck and Meeting Minutes:

June 28, 2024 - Canceled
June 11, 2024
  • Review Work Package #3  
    • Follow-Up on the Business Process and Requirements
  • Next Steps

Meeting Recording: Link

Slide Deck and Meeting Minutes:

May 28, 2024
  • Discuss Work Package #5 – Different Approach​
  • Review Work Package #3 – Let’s Get back to the Business Process of it all.​
  • Next Steps

Meeting Recording: Link

Slide Deck and Meeting Minutes:

May 14, 2024
  • Discuss Work Package #5 Feasibility
  • Review Work Package #3 Timelines
  • Discuss Work Package #7 Requirements Addressed in Work Package #3.
  • Discuss Work Package #8 Requirements Addressed in Work Package #2.
  • Discuss Feedback on Work Package #4
  • Remaining Work Packages (#9 through #12)
  • Next Steps

Meeting Recording: Link

Slide Deck and Meeting Minutes:

April 23, 2024
  • Discuss sign off on WP #1 and #2
  • UAT Preparation
  • Reminder to get feedback on WP #4 and #6
  • Feedback on WP #3
  • Next Meetings

Meeting Recording: Link

Meeting Minutes:

April 9, 2024
  • Initial Solution Design Document Review
    • Work Package #3  Role Approval Workflow
  • Review of Decision Timeline and Process for Solution Design Work
    • Sign-Off
    • Surveys Posted

Meeting Recording: Link

March 26, 2024
  • Initial Solution Design Document Review
    • Work Package #4 – Data Masking for Cat 4 Data Security
    • Work Package #6 – Okta Shell Roles for Third Party Access Notices
  • Timelines for Solution Design
    • Work Package Review
    • Sign-Off
  • College Advisory Group Membership

Meeting Recording: Link

Slide Deck and Meeting Minutes:

March 12, 2024
  • Initial Solution Design Document Review
    • Work Package #2 Reporting Dashboard
  • Confirm Completion of Business Process Step Lists: SASI Requirements Google Doc:
    • Off-Boarding
    • Transfer to New Job at Same College
  • Discuss Work Package #1 Readiness
  • Next Steps - Member List (N/A min)

Meeting Recording: Link

Meeting Minutes:

February 27, 2024
  • Initial Solution Design Document Review
    • Work Package #1  Role Grouping Template
  • Complete Review Business Process Step Lists: SASI Requirements Google Doc:
    • Off-Boarding
    • Transfer to New Job at Same College
  • Next Steps - Timelines for Business Process Review & Solution Design Work

Meeting Recording: Link

Slide Deck and Meeting Minutes:

February 13, 2024
  • Clarification on Requirement
  • Final Review Business Process Step Lists: SASI Requirements Google Doc:
    • Off-Boarding
    • Transfer to New Job at Same College
  • Timelines for BPR & Solution Design Work
  • Next Steps

Meeting Recording: Link

Meeting Minutes:

January 23, 2024
  • Clarification on Requirement
  • Review Business Process Step Lists: SASI Requirements Google Doc:
    • Off-Boarding
    • Transfer to New Job at Same College
  • Timelines for BPR & Solution Design Work
  • Next Steps

Meeting Recording: Link

Meeting Minutes:

January 9, 2024

Meeting Topics:

  • Review Entries Added to Business Process Steps
    • Discuss additional requirements added
    • Discuss content added to Details of Concern column
  • Next Steps

Meeting Recording: Link

Meeting Minutes:

December 12, 2023

Meeting Topics:

  • Finalize requirements:​
    • Assess Gaps​
    • Develop Mitigations  ​
    • Solution Design Approaches ​
    • Business Process Review​
  • Close the Loop on Outstanding Requirements​
  • Review Business Process Step List​
  • How to Enter Feedback/Issues in List​
  • Timelines for BPR & Solution Design Work​

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

November 14, 2023

Meeting Topics:

  • Review Requirements
  • Brainstorm Solution Approaches
  • Determine Viability of Requirements ‘As Written’ or ‘Rewritten’
  • Next Steps

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

October 24, 2023

Meeting Topics:

  • Welcome  
  • Phase 1  
  • Requirements Discussion/Prioritization
  • Next Steps  

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

October 10, 2023

Meeting Topics:

  • Project Update & Discussion
  • Phase 1 Restructuring
  • Requirements Discussion/Prioritization
  • Next Steps

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

September 26, 2023

Meeting Topics:

  • Review Sentinel Module Functionality
  • Review/Update Discovery Points List
  • Review/Update Decision Points List

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

September 12, 2023

Meeting Topics:

  • Group Expectations and Goals
  • Review Sentinel Module Functionality
  • Review/Update Discovery Points Vendor Feedback
  • Next Steps

Meeting Recording: Link

PowerPoint Presentation and Meeting Minutes:

Membership List

The following college subject matter experts have been identified as members of the SASI College Advisory Group, through an official nomination and selection process completed on August 16, 2023.

Member Name Member Title Member Email
Stephanie Baker Business Systems Analyst [email protected]
Matt Connelly ctcLink Business Systems Analyst/Security IT Admin
[email protected]
Kathy Disney
Business System Analyst
[email protected]
Steve Garcia
Information Security Officer
[email protected]
Kaytlyn Hoch
Application Services Director
[email protected]
Jennifer Horrace
IT Customer Support Journey
[email protected]
James Josleyn
Associate Director of Technology Support Services
[email protected]
Jeremy Kelley
System Engineer
[email protected]
Victor Lopez
Business Systems Analyst / Local Security Administrator [email protected]
Carol McCarthy
Finance Business Analyst | Information Technology
[email protected]
Bradley Nuxoll
Senior Application and Database Developer
[email protected]
Nichole Seroshek
ctcLink Project Manager/Business Process Analyst
[email protected]
Linh Tang
Information Technology Staff
[email protected]
Hongyu Zhan
ctcLink Business Analyst and Security Coordinator
[email protected]
Advisory Group Member Connections with Councils/Commissions

Advisory group members who are also members of a specific council or commission may be called upon to provide insights into the activities of this group.  

Advisory group members will be provided periodic status update slide deck materials enabling them to share their work on this group.  

Councils and commissions seeking a project status update presentation from the Project Management Office can reach out to Tara Keen ([email protected]) to request an update at an upcoming council or commission meeting.

Monthly Security Administrator Meetings

The SBCTC-IT Application Services Security Team holds monthly Security Administrator meetings with Local Security Administrators, as well as interested Business Analysts and pillar leads, on the second Thursday of each month.  In this monthly forum, the Security Team will provide project updates, field questions and solicit feedback on current topics within the effort where the project team needs to hear from college experts. 

Any SASI Project update materials presented during these meetings will be posted to this Project Information Guide for easy reference and access.

Monthly Security Administrator Meeting Presentation Decks
College Collaboration Group

The College Collaboration Group meets the 2nd and 4th Wednesdays from 10 a.m. to noon and is an open forum for ctcLink Points of Contact, Business Analysts, and topic-specific SMEs to gather and discuss an array of topics that need to be shared and collaborated on in our system.

 While the topics change each meeting, regular SASI Project updates will be provided to this group to ensure broad input is gathered on topics related to the SASI Software implementation efforts. 

Background Information
SASI Project Re-Brand - Effective Tuesday October 10, 2023

Sentinel Implementation Project Re-Brand to Security Administration System Improvement  (SASI) Project

To prepare for the planned implementation of the Sentinel security administration software product SBCTC engaged in talks with the software vendor to ensure we fully understood the cost projections for annual Sentinel product licensing. In addition, the project leadership team worked with the vendor to address base product incompatibilities with our multi-campus, single-instance implementation of PeopleSoft and the need to lock down the application features to individual business units.

Unfortunately, the vendor cost model, even with offered discounts, posed a significant and exponential increase in the annual licensing cost. Those costs, coupled with additional costs for ensuring the product could support a multi-business unit security model, are prohibitive to the system moving forward with implementing the Sentinel product.​

Security Project Re-Brand

Given that we are unable to proceed with the implementation of Sentinel, it was deemed appropriate to re-brand this project effort. Rather than focusing on remediating a purchased software product, we believe it appropriate to shift our focus to the improvements our system and Local Security Administrators (LSAs) truly need.

To that end, we are re-branding the effort to now be referred to as the Security Administration System Improvement project. This project information guide was revised to align with these changes.

Next Steps

With the project shift in focus, we plan to place our first emphasis on documenting and articulating our functional, technical, and auditor requirements. This foundational work is already underway with the College Advisory Group and is targeted for completion by the end of the month.

The joint work of this group and the SBCTC security team, combined with our internal effort to document our security business practices, will lend itself to a fit/gap analysis on sustainable business practices to determine which functional gaps to address. We plan to begin the fit/gap effort in November.

We also have closed the governance loop on the Off-Boarding Process for security and are developing the work breakdown structure to commence development of that needed improvement, which should significantly improve the auditor compliance concerns colleges have and the productivity impacts currently being experienced by our LSAs.

Questions on this project direction change? Please contact:

 

 

SASI College Advisory Group Kick-Off Meeting  - 8/24/2023 - ** Completed **

The SASI (formerly Sentinel) College Advisory Group met on Thursday, August 24th to kick-off the work on their Sentinel Project work.

Presentation Information:

Meeting Recording: Recording Link

Meeting Minutes:

Presentation Slides:

SASI College Advisory Group Nomination Process - ** Completed **
  • Solicit SASI (formerly Sentinel) College Advisory Group nominations - (July 25 to August 7, 2023) - Done
  • SASI (formerly Sentinel)l Project Leader Team to select advisory group members from nominees and send notices to selected members by August 17 - Done
  • Publish Membership List - Done

 

Archived Information Related to Prior Project Activities

Archived Project Background Information -

Effective October 10, 2023 - SBCTC Determined that Sentinel Product License will not be reviewed.

In March 2020 the Washington State Board for Community and Technical Colleges (State Board) purchased the initial license from Sentinel.  Sentinel’s low-cost, robust solution made it a unique value to our system.  The State Board covered the annual renewal of the license while the ctcLink Project implementation phase was completed over the next few years.  

The product was installed in a test instance for internal team exploration until all colleges were deployed (May 2022) and deemed sufficiently stable on ctcLink in the area of Security Administration. 

The Project Management Office, in coordination with the Application Services Security Support Team, is preparing now to begin to explore the implementation of the Sentinel product in the most effective approach to meet the needs of colleges in our federated system. The initial planning, discovery, and design phase is anticipated to take approximately four (4) months, with feature roll-out to occur in phases over the following 12 months.

The Sentinel security software, once adopted officially by the Washington state community and technical colleges ctcLink system users, will be a combination of SBCTC Central Security Support Team functionality and college Local Security Administrators (LSAs) functionality for those managing security at our colleges.  

Below are links to general-use videos made available by the vendor, Sentinel on their YouTube channel.  Video content is organized by (a.) those which could apply to college users, depending on our configuration decisions, and (b.) those applicable to the Central Security Support Team. The inclusion of central security-relevant content helps colleges differentiate between areas available for their use and those which we believe will be centrally managed.  

Product Functionality for College Users

The videos below provide a simple overview of the Sentinel Product showing features that may be available for college LSAs, managers/supervisors, and possibly general employees; dependent upon the decisions made for how broadly the product will be used by our colleges. 

Please review these short video highlights to gain a better understanding of what the product can do for our college system. 

During the planning phase, product overview demonstrations will be presented, and recorded sessions made available, to provide greater insight as decisions are made on our adoption of Sentinel software.

Keep in mind the decisions made during Phase 1: Discovery, Planning and Design will greatly influence how these features will behave once Sentinel is implemented.

Video: Sentinel Security

Video: Sentinel Dashboard

Video: Sentinel User Hub

Video: Sentinel Security Workflows

Video: Custom Forms

Video: Security Audit Feature

Video: Sentinel Reporting

Video: Privileged Access Report

Video: History Data in Sentinel

Product Functionality for State Board Central Security Management

The Application Support Security Team will manage Sentinel product configuration for colleges in our system.  

Feel free to watch the following videos provided on the Sentinel Software (@sentinelsoftware) YouTube channel for a better perspective of what that means. These videos give a very high-level overview of the central security management tiles within the product that the Security Team will use to manage the product for our system.  

Keep in mind the decisions made during Phase 1: Discovery, Planning, and Design will influence how this team will set up and maintain those settings.

Video: Sentinel Software Settings Overview

Video: Connecting Sentinel Software to Environments

Video: Managing Permissions Lists in Sentinel

Video: Role Groups

Video: Database Environment Access Management

Video: Sensitive Data Access (for auditing purposes)

Video: Compare Reports*

Video: Central Security Logs

Video: Global Management of Fluid Security*

Video: Security Matrix*

Video: SAML 2.0 - Single Sign-On Setup

 

 

*Video content that the vendor may alter to meet our federated model - currently considered central access only.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.