Stock photo of stylized padlock icons surrounded by a word cloud of information security terms.

The Data Security Task Force and Banner team continues to strengthen the security of protected student data by ensuring that direct (SQL) access to the Banner production database is limited to verified users, departments, and extended systems. The users, departments, and extended systems identified through previous surveys will maintain access. This multi-phase process began in September and continues throughout November.

Moving forward, non-registered users or systems will not be able run direct queries against the Banner database. End-users who need to maintain direct access to the Banner production database for day-to-day use are invited to pilot a two-factor authenticated virtual desktop (VDI) solution to access Banner until mid-October. This VDI-based solution will enable use of a limited set of tools to maintain current business needs (connect to the Banner database to execute SQL queries and to Banner Jobsub servers to initiate Banner Jobs). In mid-October, all users with direct access to the production database will be expected to transition to solely leverage the VDI solution. 

Please note that Banner 9 Admin Pages, OSCAR, and SSH access, will not be impacted by this change. 

Timeline

  1. Sept. 16: Direct access to Banner production database removed from all users, departments, and extended systems not registered, unless otherwise noted.
  2. September to Mid-October: VDI pilot
  3. Mid-October (exact date to be determined):  All users with direct SQL access to the production database will be expected to transition to solely leverage the VDI solution. Any exemptions or exceptions will be reviewed on an individual basis.  

For questions regarding the change, email bannercompliance@gatech.edu