Security Administration System Improvement [SASI] Project Information Guide
Purpose: As the effort to define Security Administration System requirements has evolved with the College Advisory Group, this guide is being re-branded to address broader improvement efforts for how our system manages security administration. This guide will now be referred to as the Security Administration System Improvement Project. The information is intended to aid in framing out the next steps to develop a set of project activities to address college needs associated with more effective ctcLink Security Administration tools.
The guide provides:
- High-level guide - Next steps to keep us moving through each project phase.
- How college Subject Matter Experts (SMEs) can get involved and stay informed on project progress.
- Background information project historical content.
Audience: College Subject Matter Experts (SME) interested in ctcLink Security Administration and Security Audit Reporting
Updates:
- Important Project Announcement - SASI Project Re-Brand Please refer to the announcement in the Background Information section.
- SASI College Advisory Group members were selected on August 14, 2023. Please refer to the College Involvement section to view the list of advisory group members and to view regular meeting recordings and materials.
This phase will set the stage for all remaining project phases. In this phase the following will take place:
- [Completed] Establishment of a College Advisory Group
- [Completed] Define and Prioritize Security Administration System Requirements
- [Completed] Review Requirements and Security Administration Business Practices for Functionality Fits and Productivity/Audit Gaps
- [Completed] Detail Gap Analysis and Vet/Document Solution Approaches
- [In Progress] Secure College Buy-Off on Solution Design(s)
- [In Progress] Secure Governance Approval to Address Solutions
- Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
- Requirement SA-019: More automated off-boarding capabilities around roles/secondary security.
-
#0B - SACR Security Using LaunchPad [COMPLETED- CS Launchpad updates moved to Production 3/21/24]
- Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
- Requirement SA-020: Ability to copy SACR/UPDS from one user to another or from a standard template based on position.
- Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
Solution Overview Presentation from Monthly Security Meeting:
- Effort in progress that pre-dates the SASI Project, but addresses requirements outlined during the SASI Requirements Validation phase.
- Requirement SA-020: Ability to copy SACR/UPDS from one user to another or from a standard template based on position.
-
Draft Solution Design Document Presented to CAG Group on 02/27/2024 - Under Review by CAG
- Requirement SA-024A: Ensure any role doesn't present an SOD issue.
- Requirement SA-024B: Role Groupings Do Not Allow for Grouping of Roles that Would Violate SOD.
- Requirement SA-018: Ability to assign roles by role groupings/positions.
- See 02/27/2024 CAG Meeting Minutes for Discussion
Draft Test Plan for Review by CAG and PLT members- To be discussed at 10/8/24 CAG meeting:
Draft Solution Design Document for SD #1 Role Grouping Templates:
-
Feedback and Decision Timeline for Work Package #1
- 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
- 4/16/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
- 4/19/2024: Feedback Update in SD document and republished
-
4/22/2024 to 4/26/2024: College Sign-Off Period
- Link (CLOSED): Sign-Off Survey for Work Package #1
- (See sample of the survey questions in the pdf below for socializing on your campus)
- 4/26/2024: College Sign-Off Was Completed by 5PM
Role Grouping Template Cohort Session 1 Meeting Information from Monday, October 21, 2024 1-2:30PM below:
MEETING INFORMATION BELOW:
Purpose: Gather members of the LSA Community and others involved in preparing the college for building and testing Role Grouping Templates to:
- Review the solution design
- Discuss the Organizational Change Management Tools developed to help colleges get started on this work
- Participate in Breakout Sessions to “collaborate & listen” about each college’s approach
- “Share” the Great Ideas that rose to the top in your breakout discussions
- Move into Cohort Breakout Sessions with “like” colleges to discuss how to leverage the tools and build your resource team
- Plan our way forward.
Participants in this meeting received access to a Shared Drive of materials that colleges can “contribute to” and “source from” so no college need start from scratch.
This meeting was recorded (main room discussions) for those who weren’t able to attend.
Colleges in each cohort can decide to meet amongst themselves before the follow-up planned for November.
MEETING RECORDING BELOW:
https://sbctc.webex.com/webappng/sites/sbctc/recording/526e505a780f407e96953a0bb56c7c0f/playback
OCM Materials Displayed During the Session:
Quick Start Guide for Role Grouping Templates:
1-Pager for Role Grouping Templates:
Sample Email Outreach Content Block:
Overview of Role Grouping Templates .Pdf Version Presentation Deck (full deck on Google Shared Drive):
Link to Google Shared Drive: https://drive.google.com/drive/folders/1_LfiKcrYICQoZsjzfaa-VhcDBgy3-BmK
Need help with gaining access? Send an email to [email protected] for assistance, or follow the link and click the button request access.
-
Draft Solution Design Document Presented to CAG Group on 03/12/2024 - Under Review by CAG
- Requirement SA-015: Better reporting capabilities for Secondary security; ability to compare users for SACR/UPDS
- Requirement SA-023: SOD Reporting between pillars
- Requirement SA-034: Add a LSAs Workcenter to build custom security groups for employees, where the SACR and UPD security setting that are assigned to an employee are visible on one page or Workcenter...which could include a query access paglet tab. Have a query description where you can select a query, then the roles are added to the user.(Dashboard reporting)
-
Requirement SA-004: When an employee works at multiple colleges, system should provide capability to display role access granted by a specific college either through an Inquiry View or Report.
- Note: This requirement cannot be addressed until Work Package #3 - Role Approval Workflow has been released into Production as the relevant data points will not be available in the system until this has been deployed.
-
Requirement SA-022: Tracking and Reporting of Approvals and Role Assignments, including SACR, UPD, Faculty Advisor Table, supplier, Procurement Card Permissions, Requester Setup, Tables (Query Record Access), AWE and employee management.
- Note: This requirement cannot be addressed until Work Package #3 - Role Approval Workflow has been released into Production as the relevant data points will not be available in the system until this has been deployed.
- Requirement SA-007: The ability to see an employee's portal (Oracle Integration Hub) roles.
- Requirement SA-016: A visual representation of security Permissions in PeopleSoft Navigations menus
- Requirement SA-017A: Ability to compare security access differences between users in a single environment.
- See 03/12/2024 CAG Meeting Minutes for discussion.
Solution Design Document for SD #2 Security Reporting Dashboard:
-
Feedback and Decision Timeline for Work Package #2
- 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
- 4/16/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
- 4/19/2024: Feedback Update in SD document and republished
-
4/22/2024 to 4/26/2024: College Sign-Off Period
- Link (open during period outlined above): Sign-Off Survey for Work Package #2
- (See sample of the survey questions in the pdf below for socializing on your campus)
- 4/26/2024: College Sign-Off Due by 5PM
-
Draft Solution Design Document - Security Team Documenting Design Ideas - Presented to CAG on 04/09/2024
- Requirement SA-001: Employee must have the ability to request a security role be added to their user profile.
- Requirement SA-002:Manager or role evaluator will be notified of a role request, with the power to edit the role request prior to approval.
- Requirement SA-012: Ability to input an ID of who approved the security role exceptions.
- Requirement SA-026: Role Access Requirement Warnings (e.g. Requisition Process). Upon role assignment, generate a warning message that alerts LSA to requirement secondary security needs.
- Requirement SA-030A: Upon role Request submission, prompt either requestor or reviewer to with SACR Security Page requirements.
- Requirement SA-030B: Optimally, prompt for requested values for approval.
- Requirement SA-031: Upon role request submission, where Institution Default values exist, provide a means for auto-populating in the request the standard default values for that requestor's institution, to be picked up on the approval workflow and automated assignment.
- Requirement SA-032: Upon role Request submission, prompt either requestor or reviewer to with User Preference Definition Security Page requirements. Optimally, prompt for requested values for approval. Though User Preferences has so many options/areas to check a box, and many of them we don’t know what they do (not really documented). So not sure how this warning would work. Probably would work better for CS roles requiring SACR.
- Requirement SA-041: Employee, Employee's Manager or Pillar Lead should all be able to initiate a role/role group request.
- Tangentially Relevant Requirement SA-042: Provide a means by which each college can designate that a role applies to the work at that BU
Draft Solution Design Document for SD #3 - Role Approval Workflow:
-
Feedback and Decision Timeline for Work Package #3
- 5/09/2024: Review Solution Design at Monthly Security Administrator Meeting
-
5/14/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
- Please email feedback to Shelia Sloan, [email protected] and Lisa Garcia, [email protected].
- 5/24/2024: Feedback Update in SD document and republished
-
POSTPONED: College Sign-Off Period
-
Link (open during period outlined above): Placed on hold while we incorporate user feedback.
- (See sample of the survey questions in the pdf below for socializing on your campus)
-
Link (open during period outlined above): Placed on hold while we incorporate user feedback.
-
ON HOLD: College Sign-Off Due by (TBD)
- The SBCTC Security Team received a good amount of feedback, some of which revealed major differences in the base business practices and protocols for User Access Request processes across the colleges. With the number of ideas proposed during the feedback loop and the number of business practice differences the team felt it would be best to review the underlying requirements and functions of the solution with the Security Administration System Improvement (SASI) College Advisory Group (CAG) to determine if college provided updates to the solution should be included.
- Due to this extra effort, the team has decided to pause on the sign-off of the existing Solution Design for Wk Pkg #3. Once the SASI CAG members have provided their input on the solution design review, the updated Solution Design document will be posted to the ctcLink Reference Center and a new survey sign-off period will be established.
Role Approval Workflow Design Discussion Meeting (SASI Work Pkg #3)
On Friday, September 6, 2024 9:00 a.m. to 12:00 p.m., a 3 hour meeting was held to review mock up of the current design under consideration and invite discussion from the college community in two break out sessions. During those two break outs the following questions were to be addressed by participants:
Breakout 1:
- What did you see that you liked?
- What did you see that you would have a challenge adopting?
Breakout 2:
- What ‘Bright Ideas’ Do You Have?
- How Can This Idea Overcome Adoption Challenges?
Below are materials presented during the meeting and a written summary of the share out comments, organized by questions posed in each breakout session.
A follow-up meeting will be scheduled in October to review design modifications that the Security Team are able to incorporate based on community feedback. Be on the look out for a doodle poll on available dates for the next conversation in the coming weeks.
Meeting Slide Deck:
Meeting Discussion Share Out Summary:
-
Draft Solution Design Document - Security Team Documented Design Ideas - Targeted to Present to CAG on 03/26/2024
- Requirement SA-013: Protect Category 4 Sensitive Data.
Draft Solution Design Document for SD #4 - Masking for Category 3 & 4 Data Security:
-
Feedback and Decision Timeline for Work Package #4
- 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
- 4/23/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
- 4/26/2024: Feedback Update in SD document and republished
-
4/29/2024 8AM to 5/3/2024 5PM: College Sign-Off Period
- Link (open during period outlined above): Sign-Off Survey for Work Package #4
- (See sample of the survey questions in the pdf below for socializing on your campus)
- 5/3/2024: College Sign-Off Due by 5PM
-
Draft Solution Design Document Not Started - Security Team will hold feasibility discussion with College Advisory Group on May 14, 2024 meeting.
- Requirement SA-017B: Ability to compare security access differences between a user in two environments
-
Draft Solution Design Document - Security Team Documented Design Ideas - Targeted to Present to CAG on 03/26/2024
- Requirement SA-043: A tracking mechanism with pop-up announcement that appears when offboarding an individual to also inform staff they need to offboard in LegacyTranscripts, LegacyLink (and any other third party applications we can incorporate).
Draft Solution Design Document for SD #6 - Okta Shell Roles:
-
Feedback and Decision Timeline for Work Package #6
- 4/11/2024: Review Solution Design at Monthly Security Administrator Meeting
- 4/23/2024: Feedback DUE from LSA Community to Incorporate into Solution Design document
- 4/26/2024: Feedback Update in SD document and republished
-
4/29/2024 to 5/3/2024: College Sign-Off Period
- Link (open during period outlined above): Sign-Off Survey for Work Package #6
- (See sample of the survey questions in the pdf below for socializing on your campus)
- 5/3/2024: College Sign-Off Due by 5PM
-
Discussion at January 23, 2024 CAG meeting was to have either a separate Work Package or include in Work Package #3. Decision by Security Team was to have the following requirements included in Work Package #3 - Role Approval Workflow.
- Requirement SA-009: Warning messages of when certain roles have to be paired together. For example, you need ZD_DS_QUERY_VIEWER if you want an employee to have the ability to run any other query (aka Companion Role Identifier)
- Requirement SA-026: Role Access Requirement Warnings (e.g. Requisition Process). Upon role assignment, generate a warning message that alerts LSA to requirement secondary security needs.
- Requirement SA-042: Provide a means by which each college can designate that a role applies to the work at that BU.
- Solution Design Document - See Work Package #2
-
Requirement SA-007: The ability to see an employee's portal (Oracle Integration Hub) roles.
- This effort necessary to address this requirement was included in Work Package #2 - Security Reporting Dashboard, therefore no additional effort is needed for Work Package #8.
- Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/11/2024
- Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/11/2024
- Draft Solution Design Document Not Started - Security Team will Document Design Ideas - Targeted to Present to CAG on 06/25/2024
- Draft Solution Design Document Not Started - Target TBD
During Phase 1: Discovery, Planning and Design the team will document the solution design for implementing each aspect of the product.
The Solution Design Documents (SDD) are intended to be plain language overviews of the challenge being addressed and what will be done from a functional and simplified technical design perspective to solve the problem with the implementation of any security administration system improvement efforts.
These SDDs will be posted to this SASI Project Information Guide as they are completed.
A sign-off survey will be distributed to ensure all colleges have the opportunity to review and sign off on the design before moving into the next project phase(s). While each college district will have only one vote, all college SMEs will have the ability to review the SDDs for a better understanding of how this product will be implemented.
- Work Package #1 - Role Grouping Template - SD Approved, ER Approved
- Work Package #2 - Security Reporting Dashboard - SD Approved, ER Approved
- Work Package #3 - Role Approval Workflow - SD On Hold
- Work Package #4 - Category 4 Data Masking - SD Approved, ER In Progress
- Work Package #5 - Comparison Tool for User Profiles Across Environments - Not Executed (See 5/14 SASI CAG Meeting Minutes or listen to 00:01 to 00:14 min of Recording)
- Work Package #6 - Okta Shell Roles for Third Party Access Notices - SD Approved, ER In Progress
- Work Package #7 - College Identification of Desired Role Assignment - Not Executed as it was merged with Work Package #3 (See 5/14 SASI CAG Meeting Minutes or listen to 00:17 to 00:18 min of Recording)
- Work Package #8 - KT on Query of Portal Roles - Not Executed as it was merged with Work Package #2 (See 5/14 SASI CAG Meeting Minutes or listen to 00:18 to 00:19 min of Recording)
The below 4 Work Packages are on hold as we focus on #1, #2, #4 and #6. This is briefly discussed in 5/14 CAG Meeting (00:31 to 00:33 min of Recording)
- Work Package #9 - Auto-assign Route Control BU - On Hold
- Work Package #10 - Dynamic Assignment of SACR Institution Security for Active Inst/Adv Table Entries - On Hold
- Work Package #11 - Name Change Dynamic Sync Across All Pillars and Okta (AD) On Hold
- Work Package #12 - SOD Warning Pop-Up on Role Assignment On Hold
This phase includes the following:
-
[Not Started] Develop, Train and Implement Phase 1 Approved Security Administration Productivity Improvements.
- Commence Development of Work Packages
- Commence Testing of Work Packages
- Provide Training Materials
- Implement Work Packages
- [Not Started] Determine need for future release phases based on results of Phase 1 and Phase 2 work.
There are many ways college staff can stay apprised of Security Administration System Improvement (SASI) Project activities or can get involved. Below are key communication channels with college engagement possibilities:
The SASI College Advisory Group works with the SASI Project Leadership Team to provide immediate feedback on business practices, design options, and current security management challenges. The group meets regularly on the 2nd and 4th Tuesdays, from 2 to 3 p.m.
Group responsibilities include:
- Participate in Semi-Monthly (Tuesday afternoon) to give feedback on project activities or questions
- Be available for Ad-Hoc Feedback Loops (as needed) on College Business Practices
- Participate in Requirement Clarification Sessions
- Provide Early Feedback on Solution Design Materials
- Participate in Solution Design Feedback Sessions as Change Champions and Thought Leaders
- Respond to Surveys for Solution Design Decisions
- Provide Input on Testing, Organizational Change Management and Training Plans
- Participate in early College Engagement Testing and User Acceptance Testing
- Work Package #1
- Debrief on Cohort Session Effectiveness
- Survey for Feedback?
- Large College Cohort Check-In
- Shared Drive Access Request Status & Folder Structure Feedback
- OCM Material Status
- Discuss Cohort Session 2 Scheduling
- Review next session agenda for value
- Next Steps
Meeting Recording: Link
Meeting Slide Deck and Minutes:
- New Member Introduction
- Work Package #1
- Test Plan Feedback
- Review OCM Material Status
- Discuss Cohort Sessions Scheduling
- Best ways to organize these for greatest value…
- Review Work Package #3
- Processing Feedback and Incorporating Design Updates
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- New Member Introduction
- Feedback on 9/6 Work Package #3 Design Discussion
- Work Package #1
- Test Plan Feedback
- Cohort Sessions- Best ways to organize these for greatest value
- Next Steps
Meeting Recording: Link
Meeting Slide Deck and Minutes:
- CAG Nominations and Voting
- Test Plan Document Review
- Cohort Survey Responses
- Next Steps
Meeting Recording: Link
Meeting Minutes:
- Feedback, Open Q & A on WVC Demo
- CAG Membership Change
- Work Package #1 OCM Activities
- LSA Survey – grouping colleges by similar characteristics to go through the process of implementing Role Grouping Templates together
- Work Package #6 Discussion
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Discuss WVC Demo Recording
- Discuss OCM/Test Prep
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Continue Review of Work Package #3 Feedback (LSA Community)
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Review Work Package #3
- Follow-Up on the Business Process and Requirements
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Discuss Work Package #5 – Different Approach
- Review Work Package #3 – Let’s Get back to the Business Process of it all.
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Discuss Work Package #5 Feasibility
- Review Work Package #3 Timelines
- Discuss Work Package #7 Requirements Addressed in Work Package #3.
- Discuss Work Package #8 Requirements Addressed in Work Package #2.
- Discuss Feedback on Work Package #4
- Remaining Work Packages (#9 through #12)
- Next Steps
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Discuss sign off on WP #1 and #2
- UAT Preparation
- Reminder to get feedback on WP #4 and #6
- Feedback on WP #3
- Next Meetings
Meeting Recording: Link
Meeting Minutes:
- Initial Solution Design Document Review
- Work Package #3 Role Approval Workflow
- Review of Decision Timeline and Process for Solution Design Work
- Sign-Off
- Surveys Posted
Meeting Recording: Link
-
Initial Solution Design Document Review
- Work Package #4 – Data Masking for Cat 4 Data Security
- Work Package #6 – Okta Shell Roles for Third Party Access Notices
-
Timelines for Solution Design
- Work Package Review
- Sign-Off
- College Advisory Group Membership
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Initial Solution Design Document Review
- Work Package #2 Reporting Dashboard
- Confirm Completion of Business Process Step Lists: SASI Requirements Google Doc:
- Off-Boarding
- Transfer to New Job at Same College
- Discuss Work Package #1 Readiness
- Next Steps - Member List (N/A min)
Meeting Recording: Link
Meeting Minutes:
- Initial Solution Design Document Review
- Work Package #1 Role Grouping Template
- Complete Review Business Process Step Lists: SASI Requirements Google Doc:
- Off-Boarding
- Transfer to New Job at Same College
- Next Steps - Timelines for Business Process Review & Solution Design Work
Meeting Recording: Link
Slide Deck and Meeting Minutes:
- Clarification on Requirement
- Final Review Business Process Step Lists: SASI Requirements Google Doc:
- Off-Boarding
- Transfer to New Job at Same College
- Timelines for BPR & Solution Design Work
- Next Steps
Meeting Recording: Link
Meeting Minutes:
- Clarification on Requirement
- Review Business Process Step Lists: SASI Requirements Google Doc:
- Off-Boarding
- Transfer to New Job at Same College
- Timelines for BPR & Solution Design Work
- Next Steps
Meeting Recording: Link
Meeting Minutes:
Meeting Topics:
- Review Entries Added to Business Process Steps
- Discuss additional requirements added
- Discuss content added to Details of Concern column
- Next Steps
Meeting Recording: Link
Meeting Minutes:
Meeting Topics:
- Finalize requirements:
- Assess Gaps
- Develop Mitigations
- Solution Design Approaches
- Business Process Review
- Close the Loop on Outstanding Requirements
- Review Business Process Step List
- How to Enter Feedback/Issues in List
- Timelines for BPR & Solution Design Work
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
Meeting Topics:
- Review Requirements
- Brainstorm Solution Approaches
- Determine Viability of Requirements ‘As Written’ or ‘Rewritten’
- Next Steps
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
Meeting Topics:
- Welcome
- Phase 1
- Requirements Discussion/Prioritization
- Next Steps
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
Meeting Topics:
- Project Update & Discussion
- Phase 1 Restructuring
- Requirements Discussion/Prioritization
- Next Steps
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
Meeting Topics:
- Review Sentinel Module Functionality
- Review/Update Discovery Points List
- Review/Update Decision Points List
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
Meeting Topics:
- Group Expectations and Goals
- Review Sentinel Module Functionality
- Review/Update Discovery Points Vendor Feedback
- Next Steps
Meeting Recording: Link
PowerPoint Presentation and Meeting Minutes:
The following college subject matter experts have been identified as members of the SASI College Advisory Group, through an official nomination and selection process completed on August 16, 2023.
Member Name | Member Title | Member Email |
---|---|---|
Drew Abercrombie | WVC IT Department | [email protected] |
Stephanie Baker | Business Systems Analyst | [email protected] |
Stephanie Beaulieu | IT Customer Support Services Supervisor | [email protected].edu |
Matt Connelly |
ctcLink Business Systems Analyst/Security IT Admin |
[email protected] |
Kathy Disney |
Business System Analyst |
[email protected] |
Kael Godwin | IT Data Management | [email protected] |
Kaytlyn Hoch |
Application Services Director |
[email protected] |
Jennifer Horrace |
IT Customer Support Journey |
[email protected] |
Jeremy Kelley |
System Engineer |
[email protected] |
Victor Lopez |
Business Systems Analyst / Local Security Administrator |
[email protected] |
Carol McCarthy |
Finance Business Analyst | Information Technology |
[email protected] |
Bradley Nuxoll |
Senior Application and Database Developer |
[email protected] |
Nichole Seroshek |
ctcLink Project Manager/Business Process Analyst |
[email protected] |
David Hermansen |
Information Technology Staff |
[email protected] |
Hongyu Zhan |
ctcLink Business Analyst and Security Coordinator |
[email protected] |
Advisory group members who are also members of a specific council or commission may be called upon to provide insights into the activities of this group.
Advisory group members will be provided periodic status update slide deck materials enabling them to share their work on this group.
Councils and commissions seeking a project status update presentation from the Project Management Office can reach out to Tara Keen ([email protected]) to request an update at an upcoming council or commission meeting.
The SBCTC-IT Application Services Security Team holds monthly Security Administrator meetings with Local Security Administrators, as well as interested Business Analysts and pillar leads, on the second Thursday of each month. In this monthly forum, the Security Team will provide project updates, field questions and solicit feedback on current topics within the effort where the project team needs to hear from college experts.
Any SASI Project update materials presented during these meetings will be posted to this Project Information Guide for easy reference and access.
- Next meeting is scheduled for Thursday, Aug. 10, 2023.
- Deck will be posted after the presentation.
- See the monthly Security Administrator meeting schedule.
The College Collaboration Group meets the 2nd and 4th Wednesdays from 10 a.m. to noon and is an open forum for ctcLink Points of Contact, Business Analysts, and topic-specific SMEs to gather and discuss an array of topics that need to be shared and collaborated on in our system.
While the topics change each meeting, regular SASI Project updates will be provided to this group to ensure broad input is gathered on topics related to the SASI Software implementation efforts.
Sentinel Implementation Project Re-Brand to Security Administration System Improvement (SASI) Project
To prepare for the planned implementation of the Sentinel security administration software product SBCTC engaged in talks with the software vendor to ensure we fully understood the cost projections for annual Sentinel product licensing. In addition, the project leadership team worked with the vendor to address base product incompatibilities with our multi-campus, single-instance implementation of PeopleSoft and the need to lock down the application features to individual business units.
Unfortunately, the vendor cost model, even with offered discounts, posed a significant and exponential increase in the annual licensing cost. Those costs, coupled with additional costs for ensuring the product could support a multi-business unit security model, are prohibitive to the system moving forward with implementing the Sentinel product.
Security Project Re-Brand
Given that we are unable to proceed with the implementation of Sentinel, it was deemed appropriate to re-brand this project effort. Rather than focusing on remediating a purchased software product, we believe it appropriate to shift our focus to the improvements our system and Local Security Administrators (LSAs) truly need.
To that end, we are re-branding the effort to now be referred to as the Security Administration System Improvement project. This project information guide was revised to align with these changes.
Next Steps
With the project shift in focus, we plan to place our first emphasis on documenting and articulating our functional, technical, and auditor requirements. This foundational work is already underway with the College Advisory Group and is targeted for completion by the end of the month.
The joint work of this group and the SBCTC security team, combined with our internal effort to document our security business practices, will lend itself to a fit/gap analysis on sustainable business practices to determine which functional gaps to address. We plan to begin the fit/gap effort in November.
We also have closed the governance loop on the Off-Boarding Process for security and are developing the work breakdown structure to commence development of that needed improvement, which should significantly improve the auditor compliance concerns colleges have and the productivity impacts currently being experienced by our LSAs.
Questions on this project direction change? Please contact:
- Shelia Sloan - Associate Director - Security Team - [email protected]
- Grant Rodeheaver - Deputy Executive Director - IT Division - [email protected]
The SASI (formerly Sentinel) College Advisory Group met on Thursday, August 24th to kick-off the work on their Sentinel Project work.
Presentation Information:
Meeting Recording: Recording Link
Meeting Minutes:
Presentation Slides:
- Solicit SASI (formerly Sentinel) College Advisory Group nominations - (July 25 to August 7, 2023) - Done
- SASI (formerly Sentinel)l Project Leader Team to select advisory group members from nominees and send notices to selected members by August 17 - Done
- Publish Membership List - Done
Archived Project Background Information -
Effective October 10, 2023 - SBCTC Determined that Sentinel Product License will not be reviewed.
In March 2020 the Washington State Board for Community and Technical Colleges (State Board) purchased the initial license from Sentinel. Sentinel’s low-cost, robust solution made it a unique value to our system. The State Board covered the annual renewal of the license while the ctcLink Project implementation phase was completed over the next few years.
The product was installed in a test instance for internal team exploration until all colleges were deployed (May 2022) and deemed sufficiently stable on ctcLink in the area of Security Administration.
The Project Management Office, in coordination with the Application Services Security Support Team, is preparing now to begin to explore the implementation of the Sentinel product in the most effective approach to meet the needs of colleges in our federated system. The initial planning, discovery, and design phase is anticipated to take approximately four (4) months, with feature roll-out to occur in phases over the following 12 months.
The Sentinel security software, once adopted officially by the Washington state community and technical colleges ctcLink system users, will be a combination of SBCTC Central Security Support Team functionality and college Local Security Administrators (LSAs) functionality for those managing security at our colleges.
Below are links to general-use videos made available by the vendor, Sentinel on their YouTube channel. Video content is organized by (a.) those which could apply to college users, depending on our configuration decisions, and (b.) those applicable to the Central Security Support Team. The inclusion of central security-relevant content helps colleges differentiate between areas available for their use and those which we believe will be centrally managed.
The videos below provide a simple overview of the Sentinel Product showing features that may be available for college LSAs, managers/supervisors, and possibly general employees; dependent upon the decisions made for how broadly the product will be used by our colleges.
Please review these short video highlights to gain a better understanding of what the product can do for our college system.
During the planning phase, product overview demonstrations will be presented, and recorded sessions made available, to provide greater insight as decisions are made on our adoption of Sentinel software.
Keep in mind the decisions made during Phase 1: Discovery, Planning and Design will greatly influence how these features will behave once Sentinel is implemented.
Video: Sentinel Security Workflows
The Application Support Security Team will manage Sentinel product configuration for colleges in our system.
Feel free to watch the following videos provided on the Sentinel Software (@sentinelsoftware) YouTube channel for a better perspective of what that means. These videos give a very high-level overview of the central security management tiles within the product that the Security Team will use to manage the product for our system.
Keep in mind the decisions made during Phase 1: Discovery, Planning, and Design will influence how this team will set up and maintain those settings.
Video: Sentinel Software Settings Overview
Video: Connecting Sentinel Software to Environments
Video: Managing Permissions Lists in Sentinel
Video: Database Environment Access Management
Video: Sensitive Data Access (for auditing purposes)
Video: Global Management of Fluid Security*
Video: SAML 2.0 - Single Sign-On Setup
*Video content that the vendor may alter to meet our federated model - currently considered central access only.
0 Comments
Add your comment