Institutional Focus – What to Do First
This is the high-level checklist for hardening CepatEdge for universities and enterprises. Details live in the referenced docs.
1. Identity & Access (SSO + Roles)
- What: Integrate with the institution’s IdP using OIDC first (SAML can come later), and map IdP groups/claims → CepatEdge roles (employee, technician, department_head, admin).
- Why: No SSO = instant “no” from most security reviews.
- Where: See:
docs/institutional-readiness/identity-and-access.md
docs/institutional-readiness/identity-and-access-diagrams.md
2. Token Lifecycle & Revocation
- What: Short‑lived access tokens (~15 min), refresh tokens (~7 days), and a Neon‑backed session store that lets us revoke sessions centrally.
- Why: Long‑lived, non‑revocable JWTs are not acceptable for risk‑averse IT.
- Where: See:
docs/institutional-readiness/token-lifecycle-and-revocation.md
docs/security/overview.md (JWT + RBAC section)
3. Audit, Logging & Governance
- What: Minimal audit tables in Neon (auth events, role changes, maintenance lifecycle) and clear retention rules for logs and data.
- Why: Institutions need traceability (who did what, when, from where) and retention stories for compliance.
- Where: See:
docs/institutional-readiness/pilot-readiness-gap-assessment.md
docs/security/data-retention-and-privacy.md
4. Backup, DR & Operational Ownership
- What: Neon backups with tested restore, R2 versioning, defined RPO/RTO, and a simple RACI for who owns infra, keys, monitoring, and incidents during a pilot.
- Why: “What happens if this breaks?” is a core review question.
- Where: See:
docs/institutional-readiness/hardening-sprint-plan.md
docs/guides/runbook.md
5. Things Explicitly Paused Until the Above Is Real
- Backend route migration (Phase 5), maintenance caching, new features (notifications, analytics), and heavy abuse/performance testing.
- See:
PHASES.md (Phase 4.5 notes)
CURRENT_PHASE.md (pause note at top)
STEPS.md (Steps 3–6 on hold)