The University of Oslo are looking at Canvas - and consider to use the Canvas Cloud (not only the open source from BIBSYS) in more ordinary courses.
From a security point of view I have some questions about integrating apps:
Question 1: Can the administrator/sys adm at the university adjust the settings to prevent teachers or course builders to build in or integrate any external apps?
Question 2: Can the administrator/sys adm at the university adjust the settings in such way that some apps are allowed, but all other are apps not allowed?
Question 3: I believe that the apps differs in the wat they are exchanging data in or out of Canvas. Is there any information available about what data that are going in or out?
From a security point of view, this is important for UiO.