Re: FTC and Red Flag Rule

[Ahmed S Ahmed <aahmed4 () GMU EDU>]

Hi Kevin:

I would also be interested in your findings.

Have a nice weekend

Thank you

Best regards, Ahmed

----- Original Message -----
From: Ed Nila <enila () PACIFICOAKS EDU>
Date: Friday, October 10, 2008 11:05 am
Subject: Re: [SECURITY] FTC and Red Flag Rule

> Kevin,
>
>
>
> As with the others I would also be interested in your findings.
>
>
>
> Ed Nila
>
>
>
> ________________________________
>
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Smith, Bob
> Sent: Thursday, October 09, 2008 9:09 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] FTC and Red Flag Rule
>
>
>
> Kevin,
>
>
>
> I would be interested in this information.
>
>
>
> Bob Smith
>
> Information Security Officer
>
> Longwood University
>
>
>
>
>
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mclaughlin, Kevin
> (mclaugkl)
> Sent: Wednesday, October 08, 2008 3:38 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] FTC and Red Flag Rule
>
>
>
> Hi Anand:
>
>
>
> We are affected, or at least that is what my treasurer, GC and myself
> believe based on our research into this.    I am currently going
> throughthe final set of red flag rules and trying to prepare a
> high level
> executive summary of what I think this means.  Of the 328 pages I have
> been able to drop it down to 120 and am hoping to get that to a
> documentunder 10 pages that is basically a  "this is what you
> should be doing"
> doc.
>
>
>
> If interested in getting a copy of that document (probably be
> early next
> week before I am finished with it) just let me know.
>
>
>
> -Kevin
>
>
>
>
>
> Kevin L. McLaughlin
>
> CISM, CISSP, GIAC-GSLC,PMP, ITIL Master Certified
>
> Director, Information Security
>
> University of Cincinnati
>
> 513-556-9177 (w)
>
> 513-703-3211 (m)
>
> 513-558-ISEC (department)
>
>
>
>
>
>
>
>
>
>
> CONFIDENTIALITY NOTICE: This e-mail message and its content is
> confidential, intended solely for the addressee, and may be legally
> privileged. Access to this message and its content by any
> individual or
> entity other than those identified in this message is
> unauthorized. If
> you are not the intended recipient, any disclosure, copying or
> distribution of this e-mail may be unlawful. Any action taken or
> omitteddue to the content of this message is prohibited and may be
> unlawful.
>
>
>
>
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand Malwade
> Sent: Wednesday, October 08, 2008 3:24 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] FTC and Red Flag Rule
>
>
>
>
> Hi,
>
> Does anyone know if Educational Institutions are affected by the FTC's
> Red flag rule about maintaining an Identity Theft program ? If yes has
> anyone implemented or has a roadmap for deployment?
> In my opinion if the rule is indeed applicable, the Institution's
> LegalCounsel should drive the initiative and not IT.
>
> Any suggestions are welcome.
>
>
> http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-
> ensuring-i.html
> <http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-
> ensuring-i.html>
>
> http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm
> <http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm>
>
>
>
> Thanks,
> Anand
>
>
>
> Anand Malwade, CISSP,CISM,CISA.
> Information Security Officer,
> Seton Hall University,
> malwadan () shu edu