ERP System Security Standard
Purpose
The purpose of this standard is to secure and protect the information and applications that reside on IT-supported Banner systems.
Goals
To establish baseline security measures to the Banner system and to define how exceptions to that baseline are approved.
Scope
- WPI Banner Production and Pre-Production systems
- ODS (Operational Data Store)
- EDW (Enterprise Data Warehouse)
Standard
Users who are granted access via a database account will be allowed access through one of the following three methods:
- Access to Internet Native Banner (INB) services will only be available on-campus via the WPI Campus Network or off-campus via the WPI VPN.
- Access to Self-Service Banner will be available from anywhere through a WPI SSL-encrypted website.
- New Methods of direct access to Banner data requires approval of the Governance Working Group and may be based on recommendations of the Data Access Working Group. Approval should use the following criteria:
- The security of the tools requested.
- The duration of access and/or reoccurrence (defines if tool is used more than once or if it is going to be used one-time only).
- Justification.
- Supportability/Sustainability
Community members with no database account will have access through the following method:
- Access to Self-Service Banner will be available from anywhere through a WPI SSL-encrypted website.
Revisions
Changes to this standard must be approved by the WPI Governance Committee based on recommendations of WPI Information Technology and the WPI Data Access Working Group.
Revision History
- May 1, 2009 - Initial Release by Data Access Working Group (DAWG)
- September 23, 2009 - Approved by Governance Working Group (GWG)
Last modified: Oct 19, 2009, 02:28 UTC
![[WPI]](/Buttons/seal.gif "WPI Homepage"){kind=small}
![[CCC]](/Academics/CCC/Buttons/ccc.gif){kind=small}
![[Top]](/Buttons/top.gif){kind=small}