CTools Help Document
CTools Data Security Policies and Practices
We take very seriously our responsibility to protect and secure institutional and personal data at a consistently high level. The following provides an outline of the information and data security policies and procedures employed by CTools.
1. Authentication: The University's weblogin authentication system controls access to CTools. The weblogin service is the standard way to identify and authenticate users of web-based services at the University of Michigan.
The weblogin service is implemented using CoSign (http://www.umich.edu/~umweb/software/cosign/), which provides identification and authentication via Kerberos, Friend accounts, and MTokens (two-factor authentication). Kerberos and MTokens have very strong identity management capability, while the level for Friend Accounts is relatively weak. Individual web-based services, such as CTools, can control which authentication sources that they accept or require -- for example, a service can choose not to allow access by Friend accounts. CTools allows access by Friend Accounts in order to facilitate cross-institutional collaboration.
In addition to the Cosign weblogin, all subsequent traffic is encrypted via Secure Sockets Layer (SSL), which protects transmission of information. This means that data passed between the browser and CTools is protected by industry-standard technology.
2. The CTools Application: CTools is based on an open source product called the Sakai Collaboration and Learning Environment, which in turn is the product of the Sakai Foundation http://sakaiproject.org and contributing member institutions (including U-M). As with any large-scale, enterprise-level application, security issues are occasionally discovered within the Sakai CLE product. These issues are governed by foundation policy http://sakaiproject.org/sakai-security-policy and are typically fixed (and patches applied by the institutions running Sakai in production) before public disclosure of the issue occurs.
3. Systems Administrators: CTools is administered and supported by University staff subject to Standard Practice Guidelines (SPG) on the handling of sensitive data. The policy statements most applicable to work carried out by CTools staff are: SPG 601.7: Proper Use of Information Resources, Information Technology, and Networks at the University of Michigan SPG 601.12: Institutional Data Resource Management Policy Additionally, administrators and support staff who work within the CTools application itself are required to complete ITS Access and Compliance training.
4. Internal Audit: The last CTools audit was completed during Fall 2012. These audits focus primarily on the processes used to manage the system, and seek to reduce risk by continually improving management oversight and control of the environment based on industry best practices. All issues identified in the most recent audit have been addressed and implemented. We believe that our efforts and the actions of an informed and responsible user community can combine to provide a highly secure online collaborative environment for the University. For additional information please contact email@example.com.
5. User Best Practices: It is important to understand that CTools is a collaborative environment designed to facilitate the sharing of information. This means that it is possible for users, through normal operation of the system, to configure their sites and files in such a way as to potentially expose sensitive data. For this reason we recommend the following best practices, particularly when sensitive data are being handled:
A. Provide group training for site participants. This is useful for establishing collaboration and data handling norms among group members, and it may also be an important way to make your participants more aware of their responsibilities under the SPG, FERPA, the Statement on Student Rights and Responsibilities, and/or other relevant policies and laws. CTools training may also help participants understand how site membership and roles are used to define permissions within the environment, and how those settings may be used to achieve the desired access levels.
Contact CTools Support firstname.lastname@example.org for information on available training. In addition to CTools training, it may also be relevant to cover general computer security topics like password management http://www.itd.umich.edu/itcsdocs/r1162/ and sensitive data handling http://www.safecomputing.umich.edu/faculty&staff.php with your group.
B. Encryption of sensitive data. As a last, and best, defense against exposure of sensitive information, site owners and participants should consider encrypting the data itself before it is uploaded into a collaborative environment like CTools. In that manner, if data is exposed, despite the best intentions and the technical controls of the system, they will remain unusable to anyone who is not privy to the internal encryption procedures. Encryption tools range from the relatively weak (e.g., MS Office or PDF password protected files) to very powerful commercial and open source products.
We believe that our efforts and the actions of an informed and responsible user community can combine to provide a highly secure online collaborative environment for the University.