Educause Security Discussion mailing list archives
Re: higher education "best practices" for authenticating to campus IT resources
From: "Childs, Aaron" <aaron () WSC MA EDU>
Date: Tue, 6 Oct 2009 16:04:50 -0400
Hi Daniel, Answer to question 1, No. Here at Westfield access to student and financial records in our Banner environment is controlled through an Active Directory pass-through from Luminis (SCT's Portal) to our AD domain. Have a good day, Aaron ----------- Aaron Childs Assistant Director, Networking Westfield State College http://www.wsc.ma.edu/it/ -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Daniel Bennett Sent: Tuesday, October 06, 2009 3:48 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] higher education "best practices" for authenticating to campus IT resources Hello All, Currently, we are trying to answer the following questions to sort of benchmark higher education "best practices" for authenticating to campus IT resources: 1. Does your institution provide separate usernames and passwords for critical and non-critical information systems (multiple authentication systems)? An example, the Director of Financial Operations uses one username and password to log into his/her Windows-based workstation, campus e-mail, or campus portal and another different username and password to log into the campus financial system. If no, to the above question: 2. Does your authentication system also provide single sign-on to all campus information systems? An example, the Director of Financial Operations logs into his/her workstation and once logged in he/she can access all other campus applications without providing the username/password again, through some sort of single sign-in infrastructure. Thanks, Daniel Bennett IT Security Analyst Pennsylvania College of Technology One College Ave Williamsport PA, 17701 570.329.4989
Current thread:
- Re: higher education "best practices" for authenticating to campus IT resources Childs, Aaron (Oct 06)
- <Possible follow-ups>
- Re: higher education "best practices" for authenticating to campus IT resources Kevin Kelly (Oct 06)
- Re: higher education "best practices" for authenticating to campus IT resources Theresa Rowe (Oct 07)