Title: Departmental Security Administrator DSA Training Part 1
1Departmental Security Administrator (DSA)
TrainingPart 1
- Dan Rinkert
- drinkert_at_ucsd.edu
- x41005
2What Youll Get From This Training Series
a Ability to Set-up and Maintain Your
Departments Access to UCSD Core Business Systems
Through AccessLink TNG
- Ability to Set-up and Maintain Your Departments
Access to UCSD Core Business Systems Through
AccessLink TNG
a Ability to Set-up and Maintain Your
Departments IFIS Approval Hierarchies Supporting
its Ability to Transact Financially
a Ability to Set-up and Maintain Your
Departments PAN Reviewers within PPS
3(No Transcript)
4 https//altng.ucsd.edu
5(No Transcript)
6ALTNG does not display fields when there is no
data
7(No Transcript)
8Tabs Are Not Displayed When There Is No Data
No Tabs means that this individual has not yet
self-registered
9(No Transcript)
10(No Transcript)
11When Someone Transfers into Your Department
Watch out for former depts account
12Create additional mainframe account
- Pick a Department from your DSA list
- Available prefixes for that dept show up, pick
one - Default RACF Group should be ok
- Option of sending email to inform user of new
account - Takes overnight to show up in your list, but
account is active and available for access
requests immediately
13How to Handle Multiple Accounts
You can check for multiple userids within the
Facility or RACF tabs of ALTTNG
Make sure you update the correct account
Make sure user logs on with the correct account
for your department and not with their email
address.
14Temporary Employment Services
TES employees often have more than one account
PERxxx userid
Dept code 000167
Please remember to terminate your departmental
account upon completion of their assignment
15Become Familiar with the People in Your
Department
16(No Transcript)
17(No Transcript)
18from your deptnot into
19Monthly Email to DSAs
20(No Transcript)
21(No Transcript)
22(No Transcript)
23Step 1
User Self-Registers
MyLeaveBalances
MyDirectory, Etc
Step 2
AccessLinkTNG Action by DSA
Core Business Systems
IFIS, ISIS, PPS, FinancialLink
24Attempts to reduce the number of passwords you
need to remember
Once you sign in, you dont have to sign in again
until you sign out, remain idle for a period of
time or close the browser
Accepts either your email address or userid
25(No Transcript)
26(No Transcript)
27(No Transcript)
28(No Transcript)
29If SSO Does Not Appear to be Functioning Properly
30and sometimes when you cant get to what you want
clear the cache cookies in your web browser
close re-open your web browser
make sure that only one window of the browser is
open
31(No Transcript)
32(No Transcript)
33(No Transcript)
34(No Transcript)
35(No Transcript)
36UCSD Core Transactional Systems
- IBM Mainframe (Enterprise Server)
- Student Data
- Maintained within ISIS
- Financial Data
- Maintained within IFIS
- Payroll/Personnel Data
- Maintained within PPS
37ISISIntegrated StudentInformation System
Facilities
Organization Structure
Course Catalog
Course Schedule
Housing
General Person (student)
Registration
Accounts Receivable
Grades
Admissions Recruiting
Faculty Staff
Academic History
Communications
Degree Audit
38IFISIntegrated FinancialInformation System
Modules
Travel Accounting
Accounts Payable
Accounts Receivable
Budget/ Staffing
Express Order
Purchasing
Utilities
General Accounting
Person/ Entity
39PPSPayroll/Personnel System
PAN Subsystem
Central Office Inquiry
EDB entry/ update
Payroll/ Personnel Employee Data Base (EDB)
Document to Employees
Departmental Inquiry
Employee History
40UCSD Core Transactional Systems Data Warehouse
- ACT Mainframe (Enterprise Server)
- Student Data
- Maintained within ISIS
- Financial Data
- Maintained within IFIS
- Payroll/Personnel Data
- Maintained within PPS
- Administrative Data Is Warehoused In
- DB2 Data Warehouse (formerly DARWIN SQL-DSE)
41FinancialLinkReports
TritonLinkReports
EmployeeLinkReports
DB2 Data Warehouse
IFIS
ISIS
PPS
42DB2 DATA WAREHOUSE(formerly DARWIN SQL-DSE)
IBM Mainframe Computer
IFIS
ISIS
PPS
DB2 Data Warehouse
Re-engineered Structures SQL Server
Data About The Data Relational Database
Desktop Computer Data Query Link
Applications Data Download
43For SQL access. Not required for Link Family or
Queries
See http//datalink.ucsd.edu for greater detail
Users can initiate this for themselves
44Generic Departmental Accounts
GAOzzz
https//altng.ucsd.edu/extras/genericAccounts.html
45Security Roles
Data Stewards
Department Management
ACT Security Administration
ACT CORE DATA
DSA
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
46Ensuring Core Data Access and Security
Data Stewards
Department Management
ACT Security Administration
ACT CORE DATA
DSA
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
47DepartmentManagement
- Appoints DSA (s)
- Decides which employees need access to core data
- Instructs DSA to obtain access
- When employee job responsibilities change,
reviews access needs - Assigns signature authorization to employees who
prepare, approve or review IFIS and PPS documents - Gives DSA written approval hierarchy and PPS
instructions - Ensures that DSA performs all required tasks
- Handles data security violations reported by DSA
48(No Transcript)
49DepartmentalSecurityAdministrator
(DSA)Appointment Form
50How Authority to Commit University Funds for
Expenditures is Delegated
Chancellor
Vice Chancellor
Department Head/ Chair
51Department Heads Re-delegate Signature
Authorization to Department Final Approvers
Dept. Head/Chair/ MSO or Admin. Officer above
MSO level
Employee 1 Final department approver for
Travel documents
Employee 2 Final department approver for
Purchasing documents
52(No Transcript)
53(No Transcript)
54(No Transcript)
55Ensuring Core Data Access and Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
56Roles of the DSA
- Acts as ACT Security Administration contact for
the department - Informs employees about self registration.
May resolve problems so employee can
self-register. - Assigns appropriate access within AccessLinkTNG
- May reset an employees userid when an employee
cannot. - Terminates an employees userid.
- Answers employee questions about core data,
systems, training, data security, and logon
procedures - Sets up, updates and deletes userids from IFIS
approval hierarchies and PPS notification screens
57(No Transcript)
58(No Transcript)
59(No Transcript)
60(No Transcript)
61(No Transcript)
62Self Service
63is dependent upon the persons email being able
to receive official campus communications
must have an Active Payroll status
64Become Familiar with How People Get Email in Your
Department
65ALEN
http//www.ucsd.edu/directory/finger
66(No Transcript)
67Justification Comments
68Self Service
69(No Transcript)
70(No Transcript)
71Resume account DEVDFR
72Account Termination
- Account Revoked
- DB2 access revoked
- All Facility values revoked NO WORKFLOW
- Automatic entry of Termination request Visible
at ALTNG Extras Utilities - Still needs to have final processing from ACT
before account is removed
Please dont to go to Facility or DB2 Tab areas
to revoke access
73(No Transcript)
74(No Transcript)
75(No Transcript)
76(No Transcript)
77ALTNG Utilities
78- Enter an account to see the mainframe application
accesses. - Each template or group can be clicked to see
screen or dept code detail.
79STUDENT WORKERS
80Please Do Not Request Student access for Student
Workers
81FACULTY
82Faculty are typicallynot granted access to ISIS
Grant Faculty Access to WWW TritonLink
83Does TNG permit a DSA to make Facility assignment
to themselves?
Yes, but it requires an alternate DSA to approve
it
84Data Security Violations
- Employee using another employees userid
- Userid not terminated after employee left the
department - Passwords written down or shared
- No computer/information use and security
statement signed by employee - Downloaded restricted data not properly protected
or stored - No delegations of signature authority forms on
file - On-line approval hierarchies or PPS setup does
not match written instructions - Information not accessed for legitimate
University business
85(No Transcript)
86Available within ALTNG Common Forms
87Responsibilities for Handling Private Data
- Use and Share the Data Only for Business Purposes
- Protect the Data from Unauthorized Physical or
Electronic Access (eg locks, passwords) - Do Not Keep Private Data Unless Required for
Conducting University Business - Use Email and Data Responsibly
- Comply with University Policies and Federal
State Regulations
88- http//blink.ucsd.edu/go/identitytheft
89Working from Home
90Ensuring Core DataAccess and Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
91ACT Security Administration
- Processes DSA appointment forms
- Processes ALTNG workflow
- Answers DSA questions about ALTNG, Core
Business Systems , and Data access and security - Sets up special access to Core Systems Data per
Data Steward instructions
Everett Stauffer estauffer_at_ucsd.edu
Ron Campnell rcampnell_at_ucsd.edu
92Ensuring Core Data Access and Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
93Audit and Management Advisory Services
- Conduct department audits to ensure compliance
with university policies - Investigate Core Data access and security
violations - Sometimes referred to as Campus Audit
94Ensuring Core Data Access and Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
95Employees Using Core Data
- Self-Register
- Reset their own Password
- Read and Sign the Computer/Information Use and
Security Statement - Understand and Follow University Policies for
Core Data Access, Use and Security - Review Information About Security
- Computer Security Basics Online Training
- Find Departments DSA
- If needed, request Business Systems access from
DSA
96Self Service
97(No Transcript)
98Available within ALTNG Common Forms
99Employees Using Core Data
100(No Transcript)
101(No Transcript)
102(No Transcript)
103UCSD Information Systems Rights and
Responsibilities
104Ensuring Core Business System Data Access and
Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
105Campus Central Offices
- Train employees to use core Business Systems and
core Business Systems data - Provide a help desk for the business functions
106(No Transcript)
107Ensuring Core Data Access and Security
DSA
Department Management
ACT Security Administration
ACT CORE DATA
Data Stewards
Audit and ManagementAdvisory Services
Campus Central Offices
Employees Using Core Data
108(No Transcript)
109(No Transcript)
110MyAffiliates
AFFxxx Account
111MarketPlace
Sponsored individuals can now sign up for Staff
Ed classes when they are not a UCSD employee.
112Step 1 Set-up MyAffiliates Administrator(s)
113Step 2 Attempt to Find the Individual
https//a4.ucsd.edu/myaffiliates/ap
114(No Transcript)
115(No Transcript)
116(No Transcript)
117(No Transcript)
118(No Transcript)
119(No Transcript)
120MyAffiliates Example in ALTNG
121(No Transcript)
122What if my affiliate needs access to the central
business systems?
123(No Transcript)
124Academic Personnel On-line
Dawn Reser Academic Personnel
Office
125ALTNGWhat Else is Coming?
- COEUS 4 (Pre-awards)
- Content Management System (CMS)
- Campus Asset Management System (CAMS)
126ALTNG
127ALTNG
128Access By Roles
http//physics.ucsd.edu/kandrews/Roles/Overview.h
tm