Educause Security Discussion mailing list archives
Re: Wireless Guest Access
From: Jeff Giacobbe <giacobbej () MAIL MONTCLAIR EDU>
Date: Thu, 28 Sep 2006 18:42:01 -0400
All- With the recent CALEA rulings and their rather ambiguous language regarding Higher Ed, our institution is taking a wait and see stance on providing any kind of "guest" access to the Internet from our campus wired or wireless networks. The key issue with CALEA as it applies to Higher Ed seems to center around the definition of "private" vs. "public" networks (with private networks being outside the purview of CALEA regulations) It is not clear (at least to me) whether an institution that provides access to the Internet for individuals not directly affiliated with that institution is or is not bound by CALEA. Attached is a CALEA Update email that Mark Luker, VP of EDUCAUSE sent to the EDUCAUSE-PRIMARY list last month. Your mileage may vary, but I recommend checking into this before implementing any kind of guest access from your campus network to the Internet. Regards, Jeff Giacobbe Director of Systems, Security, and Networking Montclair State University Steve Lovaas wrote:
We solve this in two ways: 1) If the parent/potential student is visiting as part of an established program (like orientation), then the sponsoring organization can include a guest login as part of the materials they get at check-in. 2) For individual visitors with no sponsor ("just looking, thanks") there are web-only kiosks in the student center that require no login, as well as terminals in the library. No wireless, but at least they can check their web mail. As for the risks, we feel that we need at least some level of accountability. If a non-login kiosk misbehaves, we can re-evaluate offering such services. Other than that, whether it's an automated process or a manual tracking (like a sign-in sheet at the library or a sponsor's list of conference attendees), we need to be able to get to the source PC/user in the case of legal entanglements. Steve Lovaas Colorado State Matt Arthur wrote: <snip>It sounds like most of you are doing some kind of 'sponsored' guest access (which is what we do for our current system), but how do parents and prospective students find someone to 'sponsor' them? And, do you think (assuming the technical security problems are taken care of) there is large political (or legal) risk in simply allowing folks to come in and use a non-login guest account? Thanks, Matt Matthew K Arthur, CISSP Director, NTS-Enterprise Networks Washington University in St. Louis W: 314.935.7388, F:314.935.7142-- ============================================================== Steven Lovaas, MSIA, CISSP Network & Security Resource Manager Academic Computing & Network Services Colorado State University 970-297-3707 Steven.Lovaas () ColoState EDU ==============================================================
--- Begin Message --- From: educause <educause () EDUCAUSE EDU>
Date: Fri, 25 Aug 2006 09:55:51 -0600
Colleagues, I wish to draw your attention to a new overview of CALEA in higher education that concludes that THE GREAT MAJORITY OF OUR INSTITUTIONS OF HIGHER EDUCATION ARE EXEMPT FROM CALEA REQUIREMENTS AND THEREFORE NEED NOT TAKE ADDITIONAL STEPS REQUIRED BY CALEA AT THIS TIME. Of course, higher education remains fully committed to assisting law enforcement with lawful intercepts under other existing legislation. Prepared by the EDUCAUSE Network Policy Council (NPC), the new letter may be found at http://www.educause.edu/ir/library/pdf/EPO0656.pdf Another document, prepared by the Chair of the EDUCAUSE CALEA Technical Committee, explains some of the technical considerations that go into this judgment. It may be found at http://www.educause.edu/ir/library/pdf/CSD4607.pdf Together, these documents provide a framework as well as additional detail for discussions of this important topic. For an extensive collection of related documents including the ACE overview, see http://www.educause.edu/calea ******************************************************************** PLEASE NOTE Neither the NPC nor EDUCAUSE are providing legal advice on these issues. It is important that campus leaders work with their own legal counsel to interpret all of the information presented in this note and its attachments in the context of their own campus. ********************************************************************* Best wishes, Mark Luker Vice President EDUCAUSE ************************************************** You are receiving this message because you are the primary representative at an EDUCAUSE member institution. For questions, contact EDUCAUSE at <info () educause edu> or 4772 Walnut St., Suite 206, Boulder, CO, 80301. ************************************************** EDUCAUSE is a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. The current membership comprises more than 2,000 colleges, universities, and educational organizations, including 200 corporations, with 15,000 active members. EDUCAUSE has offices in Boulder, Colorado, and Washington, D.C. Learn more at http://www.educause.edu
--- End Message ---
Current thread:
- Wireless Guest Access Matt Arthur (Sep 28)
- <Possible follow-ups>
- Re: Wireless Guest Access Randy Marchany (Sep 28)
- Re: Wireless Guest Access HALL, NATHANIEL D. (Sep 28)
- Re: Wireless Guest Access Christopher Misra (Sep 28)
- Re: Wireless Guest Access Steve Lovaas (Sep 28)
- Re: Wireless Guest Access Geoff Nathan (Sep 28)
- Re: Wireless Guest Access Joe St Sauver (Sep 28)
- Re: Wireless Guest Access Matt Arthur (Sep 28)
- Re: Wireless Guest Access Steve Lovaas (Sep 28)
- Re: Wireless Guest Access Jeff Giacobbe (Sep 28)
- Re: Wireless Guest Access Koerber, Jeff (Sep 28)
- Re: Wireless Guest Access Geoff Nathan (Sep 29)