Educause Security Discussion mailing list archives
Re: Data capture protection for security staff
From: Martin Manjak <mm376 () ALBANY EDU>
Date: Tue, 9 Sep 2008 16:00:54 -0400
Here are a few links. The first covers SysAdmin responsibilities and the second is the text of our log-in banner: 1. http://www.albany.edu/policies/computer_usage/#sysadmin 2. http://www.albany.edu/its/authorizeduse.htm Since you asked specifically about the discovery of unauthorized activities, I'm also including one of the sections from the SysAdmins duties: * Policy Violations and Criminal Activity:* If the system administrator, in the performance of duties, uncovers information that an individual is acting inconsistent with this policy, or discovers evidence of criminal activity, the system administrator must report such findings to the appropriate authority.
On Sep 9, 2008, at 3:20 PM, Young, Beth A. wrote:I am looking for example statements that people have used for permission to do packet captures or other traffic/computer analysis that may involved confidential information whether that statement is a blanket policy statement warning every user that there is no expectation of privacy or statements included in job descriptions.
-- Martin Manjak Information Security Officer University at Albany CISSP, GIAC GSEC-G, GCIH, GCWN
Current thread:
- Data capture protection for security staff Young, Beth A. (Sep 09)
- <Possible follow-ups>
- Re: Data capture protection for security staff Bob Kalal (Sep 09)
- Re: Data capture protection for security staff Martin Manjak (Sep 09)
- Re: Data capture protection for security staff Basgen, Brian (Sep 09)
- Re: Data capture protection for security staff Cal Frye (Sep 10)