Educause Security Discussion mailing list archives
Re: Blocked URL Categories
From: Babak Oskouian <boskouia () MILLS EDU>
Date: Fri, 27 Oct 2017 13:01:14 -0700
At Mills College we follow the same line of reasoning: allowing access to everything for research purposes while blocking malware, phishing and Command & Control sites. Babak *Babak Oskouian, Ph.D. | Campus Network Engineer | Information Security Officer* *Mills College | 5000 MacArthur Blvd | Oakland, CA 94613-1301* *Babak Oskouian, Ph.D. | Campus Network Engineer | Information Security Officer* *Mills College | 5000 MacArthur Blvd | Oakland, CA 94613-1301* *Office: Stern Hall 007; Phone: 510-430-2224 <510-430-2224>* On Fri, Oct 27, 2017 at 12:57 PM, Frank Barton <bartonf () husson edu> wrote:
We block known malicious sites, and we also maintain an internal black-list of sites that haven't hit the routine lists yet other than that, it's open season on the internet. Frank On Fri, Oct 27, 2017 at 3:50 PM, Ronald King <ronald.king () morgan edu> wrote:That is too true. Thank you everyone that has responded. These are great ideas to help strengthen our stance. Ron *Ronald A. King, CISSP* Chief Information Security Officer Morgan State University Office: (443) 885-3372 1700 E. Cold Spring Ln <https://maps.google.com/?q=1700+E.+Cold+Spring+Ln&entry=gmail&source=g>. Email: ronald.king () morgan edu Baltimore, MD 21251 URL: http://www.morgan.edu *Growing the future ... Leading the world* <http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf> On Fri, Oct 27, 2017 at 1:46 PM, Ruth Ginzberg <rginzberg () uwsa edu> wrote:Another thought: Your AUP also prohibits use for profit-making purposes, but I bet nobody is complaining about allowing access to business publications or marketing associations. What’s the difference? Students and faculty have the right, and possibly the obligation, to study activities that your AUP would not allow them to do. Ruth Ginzberg 608-890-3961 <(608)%20890-3961> *From:* The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Ronald King *Sent:* Friday, October 27, 2017 11:57 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Blocked URL Categories Good afternoon, We are a public institution in Maryland. We are being questioned by our state auditors as to why we permit access to the URL categories abused-drugs, extremism, hacking, and gambling when our AUP states IT resources are not to be used for illegal activities or "for commercial, religious, political (including activities supporting the nomination of any person for political office or attempting to influence the vote in any election or referendum), solicitation, or profit-making purposes." Along with academic freedom, the perspective I have been arguing is one to permit access to the sites. The argument is, just because a student accesses a gambling website does not mean they are gambling. So, my questions to the group are: · Do you block these URL categories by default? · If so, how do you address the request to research in areas that might require access to these URLs? · How did you convince the auditors it was necessary to allow access to these categories? As always, responses can be addressed directly to me or via the listserv. Thank you for your input! *Ronald A. King, CISSP* Chief Information Security Officer Morgan State University Office: (443) 885-3372 1700 E. Cold Spring Ln <https://maps.google.com/?q=1700+E.+Cold+Spring+Ln&entry=gmail&source=g> . Email: ronald.king () morgan edu Baltimore, MD 21251 URL: http://www.morgan.edu *Growing the future ... Leading the world* <http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>-- Frank Barton Security+, ACMT IT Systems Administrator Husson University
Current thread:
- Re: Blocked URL Categories, (continued)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
- Re: Blocked URL Categories Jones, Mark B (Oct 27)
- Re: Blocked URL Categories Adam Maynard (Oct 27)
- Re: Blocked URL Categories Bradley, Stephen (Oct 27)
- Re: Blocked URL Categories Ladwig, John M (Oct 27)
- Re: Blocked URL Categories Garrett Hildebrand (Oct 27)
- Re: Blocked URL Categories Mccormick, Kevin (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
- Re: Blocked URL Categories Ronald King (Oct 27)
- Re: Blocked URL Categories Frank Barton (Oct 27)
- Re: Blocked URL Categories Babak Oskouian (Oct 27)
- Re: Blocked URL Categories Frank Barton (Oct 27)
- Re: Blocked URL Categories Garrett Hildebrand (Oct 27)
- Re: Blocked URL Categories Ronald King (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)