...
Maturity Templates
SURFnet: Doc (in Dutch)
- Simple (Single?) Sign On
- Authorization
- Source system
- Policies?
- Processes and procedures
- IdP System
- Quality of data
- Implementation of processes and procedures
- Security
haka: Excel file (in English)
- Inventory of Authorized and Unauthorized Devices
- Secure Configurations for Software on Workstations and Servers
- Boundary Defense & Secure Configurations for Network Devices
- Maintenance, Monitoring, and Analysis of Security Audit Logs
- Application Software Security
- Controlled Use of Administrative Privileges
- Controlled Access Based on the Need to Know
- Continous Vulnerability Assessment and Remediation
- Account Monitoring and Control
- Privacy
- Data Recovery & Incident Response Capability
- Security Skills Assessment and Appropriate Training
Recommendations
SWAMID - eduID
InCommon and their IdPs
IdPs in WAYF because of audits