Educause Security Discussion mailing list archives

Re: RIAA Notices

From: "Scholz, Greg" <gscholz () KEENE EDU>
Date: Tue, 27 Jan 2009 09:53:16 -0500

We used to have a 3 strike rule with a 48hr notification period before
turning them off. 3rd strike went to Judicial affairs for decision.

We now treat every offense the same. We "turn off" immediately. The turn
off is actually a redirect page using our Shaper to send all requests to
a web page letting them know there suspected offense and how to fix it.
They stay like that until they come in and talk to security manager
which must be by appointment so it does force them to be turned off for
a least a couple days. We also send every offense to Judicial but leave
it to them if they choose to pursue.

We also started blocking all P2P possible at the same time we changed
this penalty procedure and have not gotten a notice since. We allow
users to request P2P access for legitimate purposes but have not had to
service a request for that either.

 

_________________________

Thank you,

Gregory R. Scholz

Director of Telecommunications

Information Technology Group

Keene State College

(603)358-2070

 

--If you don't have time to do it right, when will you have time to do
it over?

--Do not let what you cannot do interfere with what you can do.

                - John Wooden

 

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brenda B Gombosky
Sent: Tuesday, January 27, 2009 9:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] RIAA Notices

From reading all the threads - we must get more than our fair share - we

are still averaging about 40 + a month.  We do not block P2P nor do we
use NAT.  We use clean access in our dorms so we can track a student
down to the bed in the room.  A little harder with wireless and with
faculty staff as you have to dig through logs.  

 

I am interested in know the Penalties in place - if any - Network
shutoff?  Wired and Wireless? Length of time, first offense, second
offense etc.

 

We are reviewing our policies right now and though the RIAA says it is
backing off - we haven't seen it yet.  

 

Thanks in advance for sharing your policy.

 

Brenda B. Gombosky, CISSP, CISM, CHSP
Director, Enterprise Security  

Information Technology
University of Louisville
Miller IT Center, Room 109
Louisville, KY 40292
(502)852-5037
(502)419-6689

Current thread:

Re: RIAA Notices, (continued)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices John Lerchey (Jan 26)
- Re: RIAA Notices John Kaftan (Jan 26)
- Re: RIAA Notices Anthony Maszeroski (Jan 26)
- Re: RIAA Notices Michael Sana (Jan 26)
- Re: RIAA Notices Stanclift, Michael (Jan 26)
- Re: RIAA Notices Doty, Timothy T. (Jan 26)
- Re: RIAA Notices Tim Cline (Jan 27)
- Re: RIAA Notices Brenda B Gombosky (Jan 27)
- Re: RIAA Notices Joel Rosenblatt (Jan 27)
- Re: RIAA Notices Scholz, Greg (Jan 27)
- Re: RIAA Notices Ken Connelly (Jan 27)
- Re: RIAA Notices Stanclift, Michael (Jan 27)
- Re: RIAA Notices Peter Charbonneau (Jan 27)
- Re: RIAA Notices Bob Bayn (Jan 27)
- Re: RIAA Notices Cal Frye (Jan 27)
- Re: RIAA Notices Valdis Kletnieks (Jan 27)
- Re: RIAA Notices Doty, Timothy T. (Jan 27)
- Re: RIAA Notices Steve Worona (Jan 28)
- Re: RIAA Notices Manuel Amaral (Jan 29)