Educause Security Discussion mailing list archives

Re: [EXT] [SECURITY] DMCA Violation

From: "Pardonek, Jim" <jpardonek () LUC EDU>
Date: Mon, 17 Feb 2020 16:15:18 +0000



  1.  What position is your official DMCA contact point?  (ie CIO, CISO, Director, etc?)  Our official point of contact 
is the CISO.  We have an official mailbox that is registered with the gov't and only accept requests that are sent to 
that mailbox.
  2.  What department does the investigation and tracks back to individual?   (Networking, IT security, etc)  The 
information security office handles the investigation, we assign it to our interns.
  3.  Who does the policy enforcement?  (Student Services, IT, Campus Security, IT Security, etc) Our office of 
conflict resolution does the policy enforcement.

Thanks,

Jim


James Pardonek, MS, CISSP, CEH, GSNA
Associate Director
Chief Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086

Loyola University Chicago will never ask you for your username or password.
For the latest information security news at Loyola, please follow us online,
Twitter: @LUCUISO
Facebook: https://www.facebook.com/lucuiso/
Our Blog http://blogs.luc.edu/uiso/

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Menne, Michael S
Sent: Monday, February 17, 2020 9:57 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [EXT] [SECURITY] DMCA Violation

Our CISO (myself) is the point of contact for DMCA violations. We have a mailbox setup for DMCA complaints. The student 
security team does the tracking (pretty simple in most cases), the notifies the offender via a ticket in our ITSM 
system about the violation. They are also sent a link to an online copyright responsibility acknowledgement form. The 
student team sends me a disable request and I'll disable them from the network if they haven't already responded to the 
online form.

This serves as our policy enforcement.  If the same person has a 2nd violation, they are again disabled until I have a 
sit down conversation with them and they have to sign a form.  A third offense requires a sit down with Student Conduct 
and possible academic sanction.  In 5 years, I have yet to come to that step, though I've gotten close once. I had the 
packet completely ready to send to student conduct. We missed a notification, so we treated it as a 2nd offense instead.


Michael Menne, CISSP
Chief Information Security Officer
IT Solutions Information Security
Minnesota State University, Mankato
Phone:  (507) 389-5705
mnsu.edu/cyberaware<https://mnsu.edu/cyberaware>

[signature_2008603909]

Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended 
recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and 
destroy all copies of the original message.



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Michael Cole
Sent: Monday, February 17, 2020 9:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] [EXT] [SECURITY] DMCA Violation

DMCA POC- Network OPS
Tracks it back, and notifies-  Network OPS  info dean of students office.
Policy Enforcement, 1st Tear, ITS, 2nd tear Dean of students office.

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Kimmitt, Jonathan
Sent: Monday, February 17, 2020 10:45 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXT] [SECURITY] DMCA Violation

Hi all,

 I have a quick question about how everyone deals with DMCA violations.


  1.  What position is your official DMCA contact point?  (ie CIO, CISO, Director, etc?)
  2.  What department does the investigation and tracks back to individual?   (Networking, IT security, etc)
  3.  Who does the policy enforcement?  (Student Services, IT, Campus Security, IT Security, etc)

Thanks!

-Jonathan

~
Jonathan Kimmitt
CISSP, PCIP, CEH, CIPM,
GPEN, CIPT, CIPP/E, GSNA
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cmichael.menne%40MNSU.EDU%7Cca76b724db1e404d652d08d7b3c0bf2b%7C5011c7c60ab446ab9ef4fae74a921a7f%7C0%7C1%7C637175512736159661&sdata=H7BoCI5ABYMfV5IFD6HvTihVSVguH2FQd6fPrj0wQWQ%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cmichael.menne%40MNSU.EDU%7Cca76b724db1e404d652d08d7b3c0bf2b%7C5011c7c60ab446ab9ef4fae74a921a7f%7C0%7C1%7C637175512736159661&sdata=H7BoCI5ABYMfV5IFD6HvTihVSVguH2FQd6fPrj0wQWQ%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

DMCA Violation Kimmitt, Jonathan (Feb 17)
- Re: [EXT] [SECURITY] DMCA Violation Michael Cole (Feb 17)
  - Re: [EXT] [SECURITY] DMCA Violation Menne, Michael S (Feb 17)
    - Re: [EXT] [SECURITY] DMCA Violation Pardonek, Jim (Feb 17)
- Re: DMCA Violation Frank Barton (Feb 17)
- Re: DMCA Violation Ken Connelly (Feb 17)
  - Re: DMCA Violation Francisco Chavez (Feb 17)
  - Re: DMCA Violation Ben Marsden (Feb 17)
    - Re: DMCA Violation Jim A. Bole (Feb 17)
    - Re: DMCA Violation Menne, Michael S (Feb 17)
    - Re: DMCA Violation Scantlin, Aaron J. (Feb 17)
- Re: DMCA Violation King, Ronald A. (Feb 17)
- Re: DMCA Violation John K Lerchey (Feb 17)
  - Re: DMCA Violation Kimmitt, Jonathan (Feb 17)

(Thread continues...)