Educause Security Discussion mailing list archives
Re: Open access to student labs
From: "clementz.7" <clementz.7 () OSU EDU>
Date: Wed, 20 Dec 2006 15:53:28 -0500
Here at the school of Architecture we also require authentication at the workstation through our domain as well as an ID card swipe at the lab. On public university computers there is no login, but when accessing the internet they are required to authenticate. So in the case of sending a potential harmful use or email. On both types of computers there are strict Group and Local policies preventing users from doing anything harmful. Whatever technical challenges there may be I think it is our responsibility as administrators to provide the most secure access for the users as well as covering our own hides. The system we use for our doors is Lenel and the software we use to upload it is BEST. Good Luck and Merry Christmas. Todd Clementz Systems Administrator Knowlton School of Architecture The Ohio State University 614.292.8544 -----Original Message----- From: Hull, Dave [mailto:dphull () KU EDU] Sent: Wednesday, December 20, 2006 3:40 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Open access to student labs I've been in my current position for a few short months and haven't learned everything yet and have been surprised by a few things. Firstly, we have several computer labs. All are protected at their main entry points by Omnilock(tm) keypad locks, but (here's the disappointing, surprising part) the combinations have never been changed and all students use the same combination, though different labs are keyed differently. Once in the labs, all users are required to login using an account in our domain. We charge students for printing and enforce storage quotas. All of our labs are also equipped with cameras and a recording device that (another recently discovered surprise) hasn't actually been recording anything since early October. I'm hoping to address the Omnilock situation in the future; assigning unique combinations to each student and changing them once a semester. The trouble is, students will share their combinations and I don't see any good way of preventing that. We will have the camera recorder up and running again soon. I can't imagine running a publicly accessible lab without requiring some sort of authentication at the workstation, that's got to make it extremely difficult to tie a security incident to an individual user. -- Dave Hull, CISSP, CHFI IT Director KU School of Architecture & Urban Design 785-864-2629 -----Original Message----- From: Boaz Gelbord [mailto:GelbordB () NEWSCHOOL EDU] Sent: Wednesday, December 20, 2006 2:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Open access to student labs Dear all, I would be interested in knowing how many institutions have student labs with open access versus forcing users to login. At the New School we have open labs in which students need to identify themselves at the front desk but can then just sit in front of a terminal and work without logging in (we also have some public terminals in the cafeteria and elsewhere where no ID is required). These machines are locked down so that students have no administrative privileges. Forcing users to login at the labs would be a technical challenge and create extra work for our helpdesk but would help us track down users who violate our policies or in case of an incident. If you would like to answer me off the list I can aggregate the answers and send out a summary. Thanks and happy holidays- Boaz. Boaz Gelbord Manager of Information Security The New School 55 West 13th Street NYC 10011 www.newschool.edu
Current thread:
- Open access to student labs Boaz Gelbord (Dec 20)
- <Possible follow-ups>
- Re: Open access to student labs Hull, Dave (Dec 20)
- Re: Open access to student labs clementz.7 (Dec 20)
- Re: Open access to student labs Ken Connelly (Dec 20)
- Re: Open access to student labs Samuel Young (Dec 20)
- Re: Open access to student labs Greg Vickers (Dec 20)
- Re: Open access to student labs Ken Martin (Dec 20)
- Re: Open access to student labs Keith Furrow (Dec 21)
- Re: Open access to student labs Boaz Gelbord (Dec 22)
- Re: Open access to student labs Dave Koontz (Dec 22)