Security Health Check Enhancements

Security Health Check is an existing administrator tool that enables customers to view their portal’s security settings.

With the November ‘22 Release enhancements to Security Health Check, customers can do the following:

  • Edit security issues to the Cornerstone recommended value
  • View and export the Modification History in Microsoft Excel file format

Best Practices

  • Organizations should consult with their IT Security team and test in Pilot and Stage environments before making any updates to security settings in the Production environment.
  • Cornerstone maintains recommended values for portal security. Depending upon an organization’s portal configuration (ie: custom coding, scripts, etc), updating a setting to the Cornerstone recommended value may impact portal functionality (ie: custom HTML links, etc).

How Does this Enhancement Benefit My Organization?

This Security Health Check enhancement strengthens the joint responsibility model between Cornerstone and its customers, allowing customers to manage and review updates to their portal’s security settings.

Considerations

Administrators can only change the value for security issues, which are security settings that are in a critical or warning status. Further, administrators can only change security settings to the Cornerstone recommended value. To change a value for a non-security issue or to change a setting to a non-recommended value, administrators must contact customer support, which is the previously existing process.

Partners maintain View Only access but they can be granted the ability to view and export the Modification History.

The Security Health Check Modification History is environment specific. Also, updates to security settings that were made prior to the November release are not displayed.

Frequently Asked Questions (FAQs)

Implementation

This functionality is automatically enabled for all organizations.

The ability to edit a security issue value is controlled by the Security Health Check - Edit Security Issues permission.

Permissions

The following new permission applies to this functionality:

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Security Health Check - Edit Security Issues Grants ability to edit security issue settings in the Security Health Check tool and set them to Cornerstone's recommended value. This permission cannot be constrained. This is an administrator permission. Core Administration

The following existing permission applies to this functionality:

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Security Health Check - View Grants ability to view the Security Health Check tool. This permission cannot be constrained. This is an administrator permission. Core Administration

Security Roles

Upon release, the new Security Health Check - Edit Security Issues permission is automatically granted to the default System Administrator role. Administrators must grant this permission to other roles, if necessary.