Re: O365 credential integrations

[Mattehew Prescott <matt.prescott () ACU EDU>]

We currently just had this same discussion and opted to allow all Microsoft
Trusted Apps to be available and the individual user gives consent. We
decided to only allow minimal consent such as login authorization. We
started out having an admin approve each app but we do not have a policy to
govern what would be acceptable or not. Who would decide what could be used
or not? Also, before using Microsoft SSO we used Google and everything was
allowed.

Thanks,
Matt P.


On Thu, Sep 17, 2020 at 12:32 PM Renee Peters <renee () northeast edu> wrote:

> We have recently activated our O365 platform with single-sign-on
> credentials. Now that users have an institutional Microsoft account, we are
> getting numerous requests for approval to the Admin queue for users wanting
> to use Microsoft credentials to sign into other services – AutoCAD web,
> Flipgrid, Doodle, etc. How are other colleges using O365 handling these
> requests? Do you automatically approve the credential integration or do you
> thoroughly review each application for security and privacy? Some of the
> applications just want integration with OneDrive. Our initial process was
> to have me (security) evaluate each request for usage and privacy concerns,
> but they are coming in faster than I can efficiently process them. Any
> suggestions or other practices would be appreciated.
>
>
>
> Renee Peters
>
>
> *Renee Peters   *
> Director of Technology Risk & Service Management
>
>
> 801 E. Benjamin Ave
> Norfolk, NE, 68701
> 402-844-7072 | renee () northeast edu
>
>
> NORTHEAST.EDU
>
> . . . .
>
> This email and any files transmitted with it are confidential and solely
> for the use of the intended recipient(s). If you have received this email
> in error, please notify the sender immediately by email and delete this
> email from your system. Please note that any views or opinions presented in
> this email are solely those of the author and do not necessarily represent
> those of the College. The recipient should check this email and any
> attachments for the presence of viruses. The College accepts no liability
> for any damage caused by any virus transmitted by this email.
> . . . .
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community