TBD - DRAFT

Overview

This section collects best practices related to security and the ODS / API Admin App. As with every application in your enterprise, you should ensure that the Admin App is part of your organization's holistic security approach, is included in periodic external security audits, and so forth. The information herein contains considerations specific to the Admin App.

Contents

General Configuration
- Access
- Hosting
On-Premises Deployments
- Restricting Access to Active Directory Groups or Users
- Updating NTLM for On-Premises Admin App Deployments

General Configuration

Access

Admin App is an administrative application targeted towards IT administrators within a local or state education agency. Ideally, you should configure the system to be accessible only to the small group that requires administrative access.

Hosting

If practical, the Admin App should be available only to internal, private, or VPN-access-only networks.

Multi-Instance Connections (v2.x.x)

Overview

General Configuration

Access

Hosting