Educause Security Discussion mailing list archives

Re: Data Encryption Policies

From: Brian Reilly <reillyb () GEORGETOWN EDU>
Date: Wed, 7 May 2003 11:15:11 -0400

We address this in our information security policy, online at
http://www.georgetown.edu/policy/technology/security.htm.  In practice,
similar to IU, we strongly encourage all e-commerce providers on campus to
use a central credit card processing service, and never actually store cc
data on their servers.

--Brian

______________________________________________
Brian Reilly, CISSP
University Network Security Officer
Georgetown University, UIS
<reillyb () georgetown edu>
+1 202.687.2775


On Tue, 6 May 2003, Sallie F Wright/cis/evp/Okstate wrote:

Does anyone have a data policy for storing ssn and credit card numbers
encrypted?
Sallie Fulsom Wright
CIS Information Technology
System Security Officer
405 744-2752

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.

Current thread:

Data Encryption Policies Sallie F Wright/cis/evp/Okstate (May 06)
- <Possible follow-ups>
- Re: Data Encryption Policies Bruhn, Mark S. (May 06)
- Re: Data Encryption Policies Brian Reilly (May 07)
- Re: Data Encryption Policies Theresa M Rowe (May 07)