Educause Security Discussion mailing list archives
Re: policy question?
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Fri, 29 Oct 2010 12:07:25 -0400
On Fri, 29 Oct 2010 09:34:55 MDT, "SCHALIP, MICHAEL" said:
Do you enforce the "you must be this tall..." strictly through policy, or through technology?....NAC? Something else?
Mostly policy, with the occasional reminder that failures are your own problem (see below). We also distribute a free 'VTNet' CD (components also available online), which will automatically install A/V software and do most of the security hardening needed, so there's really no excuse for having a too-short system. http://www.vtnet.vt.edu/ A number of years ago, we had a relatively high-profile hack on campus. The upshot was that a professor ended up with one of his machines missing a hard drive, which was in an evidence bag (this was back when a hard drive was still a good chunk of change). Prof asks department chair for department funds for a new hard drive, department chair says "No, you didn't secure the system, so the money's coming out of *your* budget, not mine". Randy was *very* busy with giving security classes to departments once that story started going around the rumor mill... :)
Attachment:
_bin
Description:
Current thread:
- policy question? Anand S Malwade (Oct 28)
- Re: policy question? SCHALIP, MICHAEL (Oct 28)
- Re: policy question? Dr. Wole Akpose (Oct 29)
- Re: policy question? randy marchany (Oct 29)
- Re: policy question? Joel Rosenblatt (Oct 29)
- Re: policy question? SCHALIP, MICHAEL (Oct 29)
- Re: policy question? Bristol, Gary L. (Oct 29)
- Re: policy question? randy marchany (Oct 29)
- Re: policy question? Valdis Kletnieks (Oct 29)
- Re: policy question? Dr. Wole Akpose (Oct 29)
- Re: policy question? SCHALIP, MICHAEL (Oct 28)
- <Possible follow-ups>
- Re: policy question? Rosenthal, Jane E. (Nov 04)
- Re: policy question? Soldi, Miguel (Nov 04)