I. STANDARD STATEMENT
Application security is a critical consideration in the development or procurement of
software. The factors which affect the safety of an application are numerous, including
the code itself, the hardware and network on which it is installed, authentication and
authorization of those who should have access and regular monitoring of traffic to and
from the application.
II. RATIONALE
This standard supports HOP Policy 8-12 Information Resources Use and Security Policy
III. SCOPE
This standard applies to all UTSA faculty, staff, and students.
IV. CONTACTS
informationsecurity@utsa.edu
V. PROCEDURES
- Each UTSA business unit that acquires or hosts an application connected to the
UTSA network is responsible for registering the application with University
Technology Solutions (UTS) and with meeting all security requirements identified as
appropriate to the Data Classification levels. - UTS will maintain a registry to track the purpose of the application, responsible
parties, data classification, and relevant technical information. - UTS is responsible for the enforcement of this policy. Audits and monitoring will be
employed to detect the use of insecure systems. UTS will provide technical
information and advice to assist departments in meeting these requirements. - For assistance pertaining to application access, application access reviews,
or consultation pertaining to application account management, please contact the
Office of Information Security at informationsecurity@utsa.edu.
OIS 4 – Standard for Application Registration
Effective Date: January 1, 2014
Last Reviewed: September 17, 2020