Educause Security Discussion mailing list archives
Re: SaaS responsibilities
From: Steve Terry <terrys () DENISON EDU>
Date: Fri, 28 Aug 2015 14:19:21 -0400
Thomas: Might I recommend looking at ECAR's Cloud Working Group: http://www.educause.edu/ecar/ecar-working-groups/cloud The Cloud Working Group is actively engaged in publishing a seven part series called "PREPARING YOUR IT ORGANIZATION FOR THE CLOUD". (part 3 of the series is due to be published within days) This paper is attempting to address some of the problems and questions you have raised. For your consideration. Steve *Steve Terry* Director of Enterprise Applications ITS *Denison University* Fellows Hall - 102B Granville, OH 43023 740-587-8685 | *www.denison.edu <http://www.denison.edu/>* On Fri, Aug 28, 2015 at 1:32 PM, Thomas Carter <tcarter () austincollege edu> wrote:
Here, as I’m sure is happening everywhere, SaaS usage is exploding across campus. We in IT are struggling with forming policies around such usage and our responsibilities around those services. I would appreciate input in how others are handling this SaaS hydra. Does IT track all external services used? Does IT have the rights and/or information and/or responsibility for administration of these services? Does IT have any right of refusal for possibly insecure or unvetted services? Does IT have any other applicable policies such as SSO requirements, etc? We’re struggling with issues like when an employee leaves, how can we make sure they no longer have access to any school resources when some of those only reside in the cloud? Or when we don’t even know about the service? How do we make sure a chosen solution integrates well into the rest of our environment when we may not be involved in the selection process? I appreciate any answers, advice, or suggestions you can offer. Thomas Carter Network & Operations Manager Austin College
Current thread:
- SaaS responsibilities Thomas Carter (Aug 28)
- Re: SaaS responsibilities Todd Britton (Aug 28)
- Re: SaaS responsibilities Ruth Ginzberg (Aug 28)
- Re: SaaS responsibilities Tracy Beth Mitrano (Aug 28)
- Re: SaaS responsibilities Steve Terry (Aug 28)
- Re: SaaS responsibilities Tomo (Aug 28)
- Re: SaaS responsibilities Nick Lewis (Aug 31)
- Re: SaaS responsibilities Joanna Grama (Aug 28)
- Re: SaaS responsibilities Tomo (Aug 28)