Student Information System
Online Security Guidelines

SIS Online Security Guidelines
Version: 1.0
Status: Created: 8/17/99
Contact: LaVonn Creighton

To define VCCS online security guidelines for the Student Information System (SIS).

This guideline covers the requirements from creating SIS operator classes and operator ids  for online security.

APPLICABILITY

This guideline is applicable to colleges and campuses within the VCCS.

VCCS has established standard SIS operator ids that are linked to operator classes. An operator class is used to organize customers into groups with common access rights.

To create operator classes, refer to the VCCS Information Security Form: Creating Student Information System Security Classes. An operator class consists of the following attributes:

• Class Name
• Class Description
• Business Process Map
• Background Disconnect Interval
• Time-Out Minutes
• Signon Times Menu Items
• Menu Items
• Process Security Groups 

The above attributes do not give customers their individual security (Institution, Career, Academic Organization, etc.); it only provides access rights. Therefore, customers can share the same operator classes no matter what Institution, Career, Academic Organization, etc. they belong. For instance, all student records personnel at any institution may use the same menu items (panels), signon times, business process maps, etc, therefore they can share the same operator class.

Customers can belong to more than one operator class. If a customer is linked to multiple classes, most of the attributes of those classes are combined to form the set of restrictions for that customer. When linked to multiple classes, one class must be defined as the primary class. The information below depicts how security attributes are determined for a multi-class operator (customer):

Note: If any class specifies full access to a menu item, the operator has full access even if other classes define it as Display Only. If several signon times overlap, the earliest start time and the latest end time are used.

College Actions:

1. College should review the list of standard operator classes to determine which class or combination of classes should be assigned to each customer who will be granted access to the SIS.

2. Document all exceptions and create a request for any new classes that may need to be created.

3. Submit requests to the VCCS Information Security Officer with appropriate justification.  Include a completed VCCS Information Security Form: Creating SIS Security Classes.

4. All new requests will be subject to an internal review.

5. If approved, the operator class will be created and added to the  standard operator classes.

Every VCCS customer will have a customer id and password. This customer id and password will become a customer’s SIS operator id and password. The operator id and password is used to gain access to the SIS online system and to give security access rights to SIS. The VCCS has many customers with different security requirements; therefore, model operator ids will be established for groups of customers. The model id will be linked to an operator class and will have specific security to student administration and/or student financials.

Every college will establish model operator ids to grant security for groups of customers at their specific institution. To create model operator ids, refer to the VCCS Information Security Form: Creating Student Information System Operator Level Security (Model Operator Ids).   An operator id consists of defining security to the following SIS attributes:

Securing Student Administration:
Academic Institution
Academic Careers
Institutions/Careers
Academic Programs
Academic Plan
Academic Organizations
Recruiting Centers
Admissions Actions
Application Centers
Enrollment
Program Actions
3C Group
Service Indicators
Transcript Types

Securing Student Financials
Unit
Item Type
SetID
Company Class
Credit Card
Origin