Re: Banner Security Framework

["Wade, Russ" <Russ.Wade () WICHITA EDU>]

We have quite the informal process that has evolved over the past ten years on Banner that uses email quite extensively 
and that varies somewhat by functional area.  We too are wanting to adopt a more formal and standardized approach 
perhaps using a software package and would very much welcome seeing what others have developed.

Thanks,

Russ

[cid:image002.jpg@01CB7CFC.8FD7F9D0]

Russ Wade | Wichita State University | Information Technology Services | 1845 Fairmount | Wichita, KS 67260

Senior Information Security Analyst | Office: (316) 978-3859 | Cell: (316) 847-1342 | Russ.Wade () Wichita 
edu<mailto:Russ.Wade () Wichita edu>


CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged 
information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the 
sender and delete this email from your system. Thank you.








From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dean 
Halter
Sent: Friday, September 11, 2015 7:46 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Banner Security Framework

If anyone's got any sort of formal framework, I'd' be interested in seeing it as well.

Thanks in advance,
Dean
___________
Dean Halter, CISA, CISSP
IT Risk Management Officer, UDit
University of Dayton
Miriam Hall 358
(937) 229-4387

"Security is a process, not a product."  Bruce Schneier


On Fri, Sep 11, 2015 at 12:00 AM, SECURITY automatic digest system <LISTSERV () listserv educause edu<mailto:LISTSERV 
() listserv educause edu>> wrote:


Date:    Thu, 10 Sep 2015 20:45:17 +0000
From:    "Barton, Robert" <bartonrt () LEWISU EDU<mailto:bartonrt () LEWISU EDU>>
Subject: Banner Security Framework

Afternoon,

We are in the process of reviewing out ERP security framework.  We use Banner by Ellucian.  In the hope of not 
re-inventing the wheel, does anybody have anything that can share that would help us with the process?  This can be 
anything from security guidelines you developed to standards for "user roles".

Any help is appreciated and I can be contact off-list.

Robert W. Barton
Director of Information Security
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663<tel:815-836-5663>

This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone at (815)-836-5950<tel:%28815%29-836-5950> and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.

Thank you.