Re: sync general user accounts to SIS accounts ?

[Mike Wiseman <mike.wiseman () UTORONTO CA>]

Hi,

We do separate authentication systems along the institutional login, student access to SIS
and staff/faculty access to SIS. The latter is done using two-factor hardware SecurID
tokens. Students have a single purpose login/password to access SIS and finally the
login/password for campus-wide services such as email and LMS. There has been discussions
in the past to use the institutional auth to access the student SIS services which
provides the obvious convenience of one less set of auth credentials but this has not been
implemented. I personally prefer the status quo because the institutional login is being
used with an ever increasing number of campus and departmental services - most of these
have less risk of consequence in the event of password compromise.

The two factor system for staff is less controversial - IMO it's been a wise choice.

Mike


Mike Wiseman
Manager - Computer Security Administration
Computing and Networking Services
University of Toronto



> > Michael Fox wrote:
> > > We are looking at implementing a single point of authentication for most of our
> > > accounts. I would like to ask what others are doing in respect to accounts that access
> > > your SIS information. For example, faculty that access SIS to enter student grades.
> > > Are you using separate accounts for SIS or are the general accounts being used for
> > > this kind of access?
> > >
> > > I would like to see a separate account but I am getting the convenience side argument
> > > (which I understand).
> > > Any thoughts will be a help.