Educause Security Discussion mailing list archives

Re: SaaS responsibilities


From: Steve Terry <terrys () DENISON EDU>
Date: Fri, 28 Aug 2015 14:19:21 -0400

Thomas:

Might I recommend looking at ECAR's Cloud Working Group:
http://www.educause.edu/ecar/ecar-working-groups/cloud

The Cloud Working Group is actively engaged in publishing a seven-part
series called "PREPARING YOUR IT ORGANIZATION FOR THE CLOUD" (part 3 of
the series is due to be published within days). This paper is attempting to
address some of the problems and questions you have raised.

For your consideration.

Steve

*Steve Terry*
Director of Enterprise Applications
ITS
*Denison University*
Fellows Hall - 102B
Granville, OH 43023
740-587-8685 | *www.denison.edu <http://www.denison.edu/>*

On Fri, Aug 28, 2015 at 1:32 PM, Thomas Carter <tcarter () austincollege edu>
wrote:

Here, as I’m sure is happening everywhere, SaaS usage is exploding across
campus. We in IT are struggling with forming policies around such usage and
our responsibilities around those services. I would appreciate input on how
others are handling this SaaS hydra. Does IT track all external services
used? Does IT have the rights and/or information and/or responsibility for
administration of these services? Does IT have any right of refusal for
possibly insecure or unvetted services? Does IT have any other applicable
policies such as SSO requirements, etc.?

We’re struggling with issues like when an employee leaves, how can we make
sure they no longer have access to any school resources when some of those
only reside in the cloud? Or when we don’t even know about the service? How
do we make sure a chosen solution integrates well into the rest of our
environment when we may not be involved in the selection process?

I appreciate any answers, advice, or suggestions you can offer.

Thomas Carter
Network & Operations Manager
Austin College


