Educause Security Discussion mailing list archives

Re: Email account management for alumni

From: Kevin Shalla <kshalla () UIC EDU>
Date: Fri, 27 Jan 2006 14:08:17 -0600

You may want to post this to the Administrative Systems Management
constituent group.
<http://www.educause.edu/AdministrativeSystemsManagementConstituentGroup/961>

At 05:51 PM 1/26/2006, Dave Koontz wrote:

Great question Gary.  The only answer I can offer is that everyone's mileage
will certainly vary here, and what works for one site may not work for
another.  We've had GREAT success with our system... But... Clearly each of
us must analyze the risks associated with the level of access that any given
user/group requires to make proper decisions.

In our environment, all transcript requests must go through our Registrar's
office, which are not free nor readily available online.  It sounds like you
are not so lucky.  If any of these users in question require access to any
type of data you would consider "confidential" information, then I believe
you have no choice but to treat them like any other "administrative" system
user, and require whatever user verification schemes you currently require
of those "administrative" users to reset their passwords, which are
hopefully much more restrictive.  Do this a time or two, and I hope /
believe these users will actually take a vested interested in maintaining
their own information.

-----Original Message-----
From: Gary Flynn [mailto:flynngn () JMU EDU]
Sent: Wednesday, January 25, 2006 10:40 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Email account management for alumni

Dave Koontz wrote:

>Given the limited network access rights most students / alumni and
>other non administrative users have in our network, we opted to write
>our own Web Based Password Reset form for these users.  It works
>similar to some high-dollar commerical software. We see this as farily
>minimal risk, since in our environment these user accounts do not have
>rights to any adminstrative software or critical services.

What about folks who want to make things like transcripts available online?

Current thread:

Email account management for alumni Gary Flynn (Jan 25)
- <Possible follow-ups>
- Re: Email account management for alumni Dave Koontz (Jan 25)
- Re: Email account management for alumni Gary Flynn (Jan 25)
- Re: Email account management for alumni Geoff Nathan (Jan 26)
- Re: Email account management for alumni Dave Koontz (Jan 26)
- Re: Email account management for alumni Kevin Shalla (Jan 27)