Educause Security Discussion mailing list archives
Re: Faculty handling of student data
From: "Payne, Shirley (scp8b)" <scp8b () VIRGINIA EDU>
Date: Mon, 30 Jun 2008 15:48:13 -0400
Here's the policy definition for "Individual-Use Electronic Devices": Computer equipment, whether owned by the University or an individual, that has a storage device or persistent memory, such as desktop computers, laptops, tablet PCs, BlackBerrys and other personal digital assistants (PDAs), and smart phones. For purposes of this policy, the term does not include shared purpose devices, such as servers (including shared drives), printers, routers, switches, firewall hardware, clinical workstations, medical devices (e.g., EKG machines), etc. The policy doesn't address browser caches. Not a 100% solution, I know, but compliance with what is included will greatly reduce risks we face here. Shirley -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks Sent: Monday, June 30, 2008 3:17 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Faculty handling of student data On Mon, 30 Jun 2008 14:57:33 EDT, "Payne, Shirley (scp8b)" said:
Briefly stated, the policy prohibits the storage of highly sensitive data on individual-use electronic devices
Out of curiosity, what does the policy say about browser caches on said electronic devices? And what do you define as "individual-use"? In many cases, that would cover almost everything except central servers - which is OK, as long as that's understood.
Current thread:
- Faculty handling of student data Basgen, Brian (Jun 30)
- <Possible follow-ups>
- Re: Faculty handling of student data Di Fabio, Andrea (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)
- Re: Faculty handling of student data Mark Houpt (Jun 30)
- Re: Faculty handling of student data Valdis Kletnieks (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)
- Re: Faculty handling of student data Basgen, Brian (Jun 30)
- Re: Faculty handling of student data Payne, Shirley (scp8b) (Jun 30)