Question HLSY-01

Do you have a systems management and configuration strategy that encompasses servers, appliances, cloud services, applications, and mobile devices (company and employee owned)?

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

Describe your intent to implement a systems management and configuration strategy.

Answering "YES"

Summarize your systems management and configuration strategy.

Reason for Question

In the context of the CIA triad, this question is focused on system integrity, ensuring that system changes are only executed by authorized users. Additionally, it is expected that devices (for administrators, vendor staff, and affiliates) that are used to access the vendor's systems are properly managed and secured.

Follow-Up Inquiries

Follow-up with a robust question set if the vendor cannot clearly state full control of the integrity of their system(s). Questions about administrator access on end-user devices and other maintenance and patching type questions are appropriate.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]