Educause Security Discussion mailing list archives
Looking for consesus
From: "Chad McDonald, CISSP" <chad.mcdonald () GCSU EDU>
Date: Thu, 3 Aug 2006 09:14:47 -0400
I have been asked to provide realtime information pertaining to who has access to various systems across campus. We require the data owner to sign off on who has access to the systems, so I was considering publishing on the web a list of names (NOT usernames) correlating to the systems to which they have access. I don't see a need to publish the level of access or any other data than system name and user's name. I am torn between providing the easy access to the data owners and the benefits that access provides and the risk of making it know who has access to which system. Any thoughts that you may have will be appreciated. Thanks, Chad McDonald, CISSP Chief Information Security Officer Georgia College & State University Office 478.445.4473 Cell 478.454.8250
Current thread:
- Looking for consesus Chad McDonald, CISSP (Aug 03)
- <Possible follow-ups>
- Re: Looking for consesus Valdis Kletnieks (Aug 03)
- Re: Looking for consesus David Gillett (Aug 03)
- Re: Looking for consesus Waller, Michael A. (HSC) (Aug 03)
- Re: Looking for consesus David L. Rotman (Aug 03)