Security Architecture
Institutional Technology Architecture
Layered security model: governance, identity, applications, data, and monitoring. Aligned with NIST CSF 2.0 and Zero Trust principles.
Board of Trustees
Oversight charter, annual review
President
Executive accountability
CISO
Program ownership, scorecard
IT Director
Operational execution
Microsoft Entra ID
Central identity provider
MFA
100% coverage target
PAM
Privileged access management
Ellucian Banner ERP
SIS, financial aid, records
SFC Attend (Power Apps)
Attendance PWA · Dataverse · GPS check-in
Microsoft Dataverse
SFC Attend data store
SharePoint / M365
Collaboration, document storage
Gecko Engage
International student services
FERPA Records
Student education records in Banner
Financial Aid Data
Aid disbursement and eligibility
SEVIS Data
F-1 immigration records via DSO systems
Attendance Data
SFC Attend / Dataverse (beta)
SIEM
Centralized log correlation
Audit Logs
Banner + Attend FERPA logging
Microsoft Defender
Endpoint detection and response
Shared Responsibility
Microsoft secures Power Platform and Azure infrastructure. St. Francis College owns Entra ID configuration, application access policies, and FERPA-compliant data handling.
MFA enforcement through Entra ID is the primary control protecting institutional applications including Banner ERP and SFC Attend.
Data Protection
FERPA records reside primarily in Banner ERP. SEVIS data flows through DSO systems. SFC Attend (beta) stores attendance data in Dataverse with row-level security.
Digital Transformation: SFC Attend →