What security aspects are retained by agencies, in relation to the following items – Identify management, application security, file services security, remote connectivity and access?
Identity Mgmt. Access requests and user provisioning (directory/file, ID creation/removal, determine access rights) remain with the agency. Application Security. This depends on the application. If the security set-up requires “root” access, the responsibility is with the service provider. Agencies are responsible for setting up new users and determining their access, but do not have “root” access. The service provider provides tools for agencies to perform this function without having “root” access. File services. Directory/file creation remains with the agency. The service provider provides tools or methods for agencies to perform this function without having “root” access. Loading files to the web continues to be an agency responsibility. Remote Connectivity & Access. If there is a server, the server is in scope. The software may also be in scope. Agencies set up new users and determine policies, but the service provider provides installation, administration, configuration, storage
Related Questions
- What security aspects are retained by agencies, in relation to the following items – Identify management, application security, file services security, remote connectivity and access?
- How should agencies incorporate security into management of information resources?
- How can districts identify local emergency management or health agencies?
