VCCS Colleges
Text Only
home-bullet Home academics-bullet Academics admin-bullet Administration lr-bullet Learning Resources        Search
student_banner_photo
VCCS_Logo colleges_button
Education for a better job, a better life, a better future.
Who We Are
       Achieve 2015
          Colleges Achieve 2015
       Career Coach Profile
       Our History
       Fast Facts
       Chancellor
       State Board
          Agendas
          Meetings
          Members
          Minutes
       Mission
       Policy Manual
       Maps & Directions
       Research & Statistics
       News & Events
       Code of Ethics
       Dana Hamel Award

Students
       Apply to a Community College
       Career Switchers-EducateVA
          Career Switchers
          Contacts
          Schedule
          Prerequisites & Endorsement Areas
          Webinars and Information
          Fees & Financial Aid
          Apply
          Program Description
          News
          Resources
          FAQs
       Courses & Programs 
       Dual Enrollment
       Financial Aid
       Library & Learning Resources
       MyVCCS
       Tuition & Fees
       Transfer
          Pre-Teacher Education Transfer
          Early Childhood Classroom
       Military/Veterans
       International Education

Policy Makers
       2011 Annual Meeting & Scholarship Celebrations
       Fast Facts
       Legislative Line
       Achieve 2015
       Emergency Prep
       2010 COOP/DR Summit
       Environmental Sustainability Report
       Admin Services Conference

Faculty & Staff
       Human Resources
          Equal Opportunity
             Equal Employment Opportunity
             Student Complaints
             WIA-Equal Opportunity
          Presidential Searches
             PHCC Presidential Search
             TCC Presidential Search
          Jobs
          Benefits
          Payroll/Leave Forms
          HR Forms
          Faculty Diversity Program
          Human Resource Policies
             System Office Teleworking
          Emergency Preparation - H1N1
          Emergency Preparedness - General Info
          HRMS Project
       Professional Development
          Awards
             Chancellor's Award for Teaching Excellence
             SCHEV Outstanding Faculty Award
          Calendar of Events
          Current Topics in Teaching and Learning Current Topics in Teaching and Learning
          Developmental Education
             Dev. Ed. Symposium
             2nd Annual Chancellor's DevEd Inst.
          Faculty Learning Community Faculty Learning Community
          Grants Program
             Paul Lee Professional Development Grants
                Paul Lee PD Grant Application
             Paul Lee Workshop Mini-Grants
                Paul Lee Workshop Mini-Grant Application
                2008
             Grant Reports Library
                2010
                2009
                2008
          Inquiry
          International Exchange
          Leadership Academies
             Classified Staff Leadership Academy
             Faculty & Administrators Leadership Academy
          New Faculty Seminar 2011
          New Horizons 2012
             Agenda At-A-Glance
             Attendees
             Call for Proposals
             Excellence in Education Awards
                Best Practices in Teaching
                Improving Student Success
                Innovative Use of Technology
                EIE Award Finalists
                Past Award Winners
             General Information
                Hotel Floor Plan
                FAQs
             Hotel Roanoke Room Reservation Lottery
             Participant Registration
             Sessions At-A-Glance
             Speakers
             Vendor Registration
          Peer Groups
             General Peer Group Information
                New Peer Group Information
                Peer Group Meetings: A Primer
                Peer Group Manual 1.0
                Tips for a Successful Peer Group Application
             Peer Group FAQ
                New Peer Group Application FAQ
                Peer Group Meeting FAQ
             Peer Group Applications
                New Peer Group Volunteer Application
                New Peer Group Application
             Peer Group Meetings
                MTH & CSC Peer Group Meeting: March 30-31, 2012
                EMS Peer Group Meeting: March 29-30, 2012
                   EMS Call for Proposals 2012
                   EMS Participant Registration 2012
                LAP Peer Group Meeting: February 2-3, 2012
                   LAP Call for Proposals 2012
                   LAP Participant Registration 2012
          Regional Centers for Teaching Excellence
             Teaching and Learning Resources
          Scholarships
             Chancellor's Commonwealth Professors Program
                Samples of CC Professors Program
             Chancellor's Commonwealth Professors Application
             Chancellor's Faculty Fellowship
             Chancellor's Faculty Fellowship Application
             Chancellor's Fellowship for Classified Staff
       Policy Manual
       Research & Statistics
       Information Technology
          IT Policies
          ITS Strategic Plan
          IT Accessibility
          Audio Conferencing
          Video Conferencing
          Governance
          Guidelines
          Models
          Projects
          Procedures
          IT Project Management
          Security
          Standards
             Information Security Standard
             Acceptable Use Agreement
             Super User Standard
             Enhanced Security for Desktop/Notebooks
       Academics
          Master Course File
          Developmental Education
          Program and Course Planning
          Library & Learning Resources
          Instructional Technology
          VCCS Athletics
       Administrative Services
          Facilities
          Fiscal Services
          Purchasing
          Budget
       Meetings & Conferences
          Meeting Notes
       Audit
          Audit Staff
          Services Offered
          Audit Process
          Audit Plan
          FAQs
          Audit Links & Resources

Workforce Services
       Workforce Services
          NGA 2010 Governor's Forum
       2011 Hire Education Conference
       Business & Industry
          Va. Ind. Auto Dealer Licensing Class
          Contractor Business Licensing Class
          Tradesman Continuing Education
          Medication Aide Training
          Architects, Engineers, Surveyors & Landscapers
          Tax Preparation
       Career Pathways 
          Apprenticeship Related Instruction (ARI)
          Career Coaches
          Middle College
          On Ramp Program
          Post Secondary Perkins
       Workforce Grants
       Career Readiness Certificate
       WDS Regional Locator
       Virginia Workforce Network

Foundation
       Board of Directors
       Foundation Publications
       Legislative Reception
       Great Expectations
       Scholarships
          Valley Proteins Fellows Program
       Make a Donation
       2011 Philanthropy Leaders
You are here: Homebreadcrumb-arrowFaculty & Staffbreadcrumb-arrowInformation Technologybreadcrumb-arrowStandardsbreadcrumb-arrowSuper User Standard breadcrumb-arrow

Technology Standard

Assignment of the Super User Security Role

Version: 1.1
Status: Approved: 04/16/08
Contact: Director, Technology Administration Services

PURPOSE

The VCCS provides shared information technology resources and services to faculty, students, staff, and college patrons for activities supporting the VCCS mission. The purpose of this standard is to protect the integrity of VCCS Technology Resources and the users thereof against unauthorized or improper use of those resources. All individuals (VCCS and otherwise) granted access to this security role will be required to follow the guidance documented in this standard.

SCOPE

The following standard describes the responsible use expected by those given access to the technology resources and services supporting the VCCS Student Information System (SIS) and Administrative Information System (AIS). The standard defines the Super User security role and establishes the specific requirements governing the assignment and use.

APPLICABILITY

This standard is applicable to the System Office and all colleges.

DEFINITION

As a part of the AIS and SIS security model VCCS provides a special set of permissions, often described as the "Super User" role, which has access to all panels (navigations) available in the system except those supporting security administration and the “Enrollment” panel.  The role as defined also permits those who are assigned this role full authority to read, change, and delete the information stored in the associated databases.

STANDARD

In accordance with COV SEC501-01 standard and the VCCS Personnel Security standard the principle of least privilege must be used by each college and the System Office in the assignment of security roles and responsibilities.  Faculty, staff, administrators, and other users requiring access to enterprise systems should be granted only those privileges necessary to perform their normal work duties as documented in their employee work profile or other formal documents that detail job duties.  Therefore given the current authority and scope of access assigned to the Super User security role and other similar privileged security roles access must be strictly limited to those personnel as determined by the needs of the colleges and System Office.  However the following must apply:

1.      All System Office and college assignments in the production instance (except VCCS security administrators) must be reviewed and authorized every 120 days.  The account will be automatically deleted if a renewal is not approved.

2.      All requests should be fully documented outlining the need and specific work to be accomplished.

3.      Request for access to the production instance must be authorized by the immediate supervisor, agency head or their designee, the data owner, and system owner.

4.      The entity (college or System Office) who grants an individual the Super User role is responsible for ensuring that the individual(s) assigned to this role has all the required knowledge, training, and related skill sets necessary to effectively perform the work under the Super User security role. 

5.      The entity (college or System Office) that submits the request for an individual to be assigned the Super User security role is ultimately responsible for the work performed under this privileged account.  Therefore they are expected to implement internal procedures and/or processes that ascertain that the use of the “Super User” role is appropriate and can be substantiated as required.

6.      The entity (college or System Office) information security officer must maintain a file of all requests and written and/or electronic documentation for Super User for periodic review by the Internal Audit Office and VCCS Security Office.  These records shall be stored and safeguarded in a manner consistent with all applicable record retention policies and guidelines and made available upon request.

7.      Any exceptions to this standard must be fully documented by the entity (college or System Office) and the information forwarded to the System Office for verification and review.

Access methods, like the Super User, are at risk for potential abuse primarily through well-intentioned misuse. In the extreme, changes to the production application and database using the Super User can leave elements of the database in an error state, and the validity and integrity of student and institution data could be compromised. This standard proposes a set of practical procedures for safeguarding the VCCS IT enterprise applications and data.

Note:  The role of System Owner is temporarily delegated to the college president or their designee.

RELATED LINKS

Personnel Security

Access Control and Determination

IT Security Awareness Training

Acceptable Use
Contact Us | Help | Sitemap | Privacy/FOIA | Acceptable Use Agreement | Staff Directory | Thursday, February 09, 2012
Virginia's Community Colleges  bullet-footer  myfuture.vccs.edu  bullet-footer  101 N. 14th Street, 15th Floor  bullet-footer  Richmond, VA 23219