Download presentation
Presentation is loading. Please wait.
Published byGeorgia Cannon Modified over 9 years ago
1
Wednesday, May 20, 2015 10:00 a.m. – 11:30 a.m., Central Time Presented by Information Technology Services Division (ITSD), Information Technology Security (ITS), Access Management Branch (AMB) United States Department of Agriculture Office of the Chief Financial Officer National Finance Center NFC User Group Meeting
2
NFC ASO User Group Meeting Agenda Welcome Webinar Guidelines News & Updates –Review of February User Group Meeting –Expansion of Inactivity Process to Web Apps –Access –Training –Insight –Role Based Security –AD-3100-P Access Form Changes –Remedy Requester Console –Notices –Contact Info Questions & Comments May 20, 20152
3
NFC ASO User Group Meeting Webinar Guidelines Place your phone on ‘mute’ Do not put your phones on ‘hold’ Include your agency acronym with your name when signing in Send your name & agency, comments & questions via the Notes tab during the webinar Email NFC.ASO@nfc.usda.gov for a copy of the presentation or download it from the NFC Security Corner User Group Page (https://www.nfc.usda.gov/Security/user_group.html)NFC.ASO@nfc.usda.govhttps://www.nfc.usda.gov/Security/user_group.html Limit background noise, side conversations, etc. when asking questions Remember: Your participation is critical to our success! May 20, 20153
4
4 Notes posted on Security Corner Over 80 attendees Received comments on access forms Changes incorporated Updated AD-3100-P access form posted on Security Corner Several questions addressed and documented in Notes NFC ASO User Group Meeting February 18, 2015 ASO User Group Meeting
5
May 20, 20155 Apps affected SALL, DPRW, FUND, FSDE, ITRS, OFEE, PADS, RPCT Must log into each application to remain active When users are deleted from the SALL web apps, the process does not delete the entire user account -- just the attached applications from the userID If user has at least one application active or locked, the entire inactive account won’t be deleted until the 720 days has passed If the user is not assigned to any application, the entire entry regarding the user will be deleted after 120 days. –Don’t want to keep blank account for 720 days –120 days should give user enough time to assign application to account History information is available NFC ASO User Group Meeting Expansion of Inactivity Process to Web Apps
6
May 20, 20156 Expedites Requested because previous request cancelled due to missing info Please make sure all information is provided on initial submission Will review things to consider in later slide Reporting Center Access If Reporting Center only, please indicate this in Special Instructions Will be placed in a special TSS DEPT Prevent deleting of mainframe account Insight Access Audit to remove global access Changes should go to your Client Management Liaison Servicing Agreements POCs Security Corner Subscribing to Security does not provide ASO private communications Public updates to ASO subscriber list not allowed Subscribe link gives notification of Security Corner content changes only NFC ASO User Group Meeting Access
7
May 20, 20157 NFC ASO User Group Meeting Training Use your official government email address when registering Acuity is not 508 compliant NFC is looking into an alternative solution that is 508 compliant Users who use the keyboard as their main input device are unable to interact (e.g., selecting a date from the calendar) No associated labels with input elements, which helps define context for screen readers May have to go to internal scheduling of training and user group meetings ASO would email nfc.aso@usda.govnfc.aso@usda.gov AMB would input ASO information into Acuity Once NFC gets a compliant solution, ASOs could go back to registering themselves
8
May 20, 20158 NFC ASO User Group Meeting Insight Insight recently modified to increase max number of org codes from 10 to 20 Password Reset Insight does not prompt to change password at first login Change it by logging in and clicking on 5. Password Reset under Dashboard tab
9
May 20, 20159 Documents posted on Security Corner https://www.nfc.usda.gov/Security/Role_Based_Access.html IRS in process, NIST up next RBA Guide What is Role Based Access? Implementation Process –Phase 1 – Kickoff –Phase 2 – Define Agency Security Access Requirements –Phase 3 – Build the Roles and Establish Validation User IDs –Phase 4 - Validate Security Access Requirements –Phase 5 – Cutover –Phase 6 – Post Implementation NFC ASO User Group Meeting Role Based Security
10
May 20, 201510 ASO Responsibilities Appendices –Security Requirements Matrix (Blank) –Task Schedule Example –Agency Role Matrix Example –Agency Role Matrix (Blank) –Organization Security Structure Example –User Report Example Use Role Based Access summary line after you are implemented Implementation Strategy –Other agencies who meet criteria for Phase I should email nfc.rba@usda.gov NFC ASO User Group Meeting Role Based Security
11
May 20, 201511 NFC ASO User Group Meeting AD-3100-P Access Form Changes Section 1: Removed Name Change box Added reference to ‘federal’ in SSN box Lengthened email box Section 2: Consolidated action boxes for Users & Profiles Added references to roles
12
May 20, 201512 NFC ASO User Group Meeting AD-3100-P Access Form Changes Added applications Added ability to change each application Removed some unnecessary applications and options Removed Remarks box
13
May 20, 201513 NFC ASO User Group Meeting AD-3100-P Access Form Changes
14
May 20, 201514 NFC ASO User Group Meeting AD-3100-P Access Form Changes
15
May 20, 201515 NFC ASO User Group Meeting AD-3100-P Access Form Changes Prevent Cancellation of Forms Are you authorized to have the requested access? Did you use the correct Summary Line? Did you include UserID, Name, Applications, Profiles/Roles? Did you provide access level, org, POI, etc.? Did you provide Sensitive/Non-Sensitive, Update/Read, etc.? Did you provide OON, Contact Points, etc.? If a new federal user, did you provide the SSN? If a contractor, did you provide expiration date? If SSNs provided, did you encrypt the form? Did you provide a password for your agency? Did you respond to AMB requests for information within 3 days?
16
May 20, 201516 Use Correct Summary Line Use Create summary line for New Hires Only, or to re-establish a deleted account Use forms to submit requests to prevent your request from being cancelled Do not add access changes to Work Info after the request is resolved Do not request access to all applications Description of apps can be found at https://www.nfc.usda.gov/About_NFC/products.html https://www.nfc.usda.gov/About_NFC/products.html For Help: Click on ‘Contact Us’, then NFC Contact Center logo, then select specific area NFC ASO User Group Meeting Remedy Requester Console
17
May 20, 201517 NFC ASO User Group Meeting Remedy Requester Console
18
May 20, 201518 NFC ASO User Group Meeting Notices Goal: Increase communication via notices Source: GovDelivery Status Report
19
NFC ASO User Group Meeting Contact Information Access & Report Requests via Remedy Requester Console https://servicecenter.nfc.usda.gov/arsys/home Trouble Tickets (Operations & Security Center) OSC.Etix@nfc.usda.govOSC.Etix@nfc.usda.gov or (800) 767-9641 Contact AMB (Request Training, Notifications) NFC.ASO@nfc.usda.gov Security Corner https://www.nfc.usda.gov/Security/Security_home.html Ivan Jackson Associate Director, ITSD, ITS Ivan.Jackson@nfc.usda.gov Gail Alonzo-Shorts Acting Chief, ITSD, ITS, AMB Gail.Alonzo-Shorts@nfc.usda.gov Remedy Requester Console Training Louis Collins, AMB Staff Louis.Collins@nfc.usda.gov James Varnado, AMB Staff James.Varnado@nfc.usda.gov Evangeline Duncan, AMB Staff Evangeline.Duncan@nfc.usda.gov ASO Basic Training Jennee Marquez, AMB Staff Genevieve.Marquez@nfc.usda.gov ASO Intermediate Training Susan Traill, AMB Staff Susan.Traill@nfc.usda.gov May 20, 201519
20
NFC ASO User Group Meeting Questions? Comments? May 20, 201520
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.