Educause Security Discussion mailing list archives

Re: Student Workers on the Security Team?

From: Adam Carlson <ajcarlson () BERKELEY EDU>
Date: Thu, 23 Apr 2009 11:15:16 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alex,
        My department has a student-lead and staffed security team which
manages a variety of issues and projects.  They primarily handle all
of the residential security problems and questions, which gives them
access to some sensitive systems and student data.  We perform
background checks on these individuals and send them through some
various security-related training sessions.
        Those who have some type of administrator access are also required
to sign a privileged access agreement.  I don't think that we have
them sign a typical non-disclosure agreement, but our campus does
have privacy policies that we get them to read and acknowledge.
        I am fairly new to the department, but there is a long history of
student employees assuming critical administrative and security roles
within RSSP.  Based on my experiences thus far, the department has
definitely benefited from these student workers and we have been able
to accomplish far more than we could have with just a career staff.
        We have had no major incidents (that I am aware of) resulting from
student employees abusing their privileges and for the most part they
are treated with the same trust and respect as career staff.  It also
gives students great work experience and hopefully enhances their
overall college experience as well.

- -Adam

Brown, Alexander wrote:

I'm new to our university and I'm also new to the educational
environment.  We have a VERY small security team and it would be nice to
be able to delegate some tasks to another person.  Do any of you use
students on your security teams and if so, what do you allow them to
access/administer/manage and how much access do you give them?  Do you
have them sign non-disclosure agreements?  Do you have any policies
regarding their employment?



Thanks for any help you can give.



Alex


- --
Adam Carlson
Chief Security Officer
Information Technology
Residential and Student Service Programs
Tel: 510-643-0631
Email: ajcarlson () berkeley edu

"Most of the things worth doing in the world had been declared
impossible before they were done." ~Louis D. Brandeis

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAknwsDQACgkQT0QSLt7kiaCpUQCfTOVf7+Y5vFBG3UzSjK7Cve/V
FEYAniHQAq9zv290Y3udCe6nEqRSP222
=8Uaq
-----END PGP SIGNATURE-----

Current thread:

Student Workers on the Security Team? Brown, Alexander (Apr 23)
- <Possible follow-ups>
- Re: Student Workers on the Security Team? Colleen Keller (Apr 23)
- Re: Student Workers on the Security Team? Adam Carlson (Apr 23)
- Re: Student Workers on the Security Team? Brown, Alexander (Apr 23)
- Re: Student Workers on the Security Team? James Farr (Apr 23)
- Re: Student Workers on the Security Team? Brown, Alexander (Apr 23)
- Re: Student Workers on the Security Team? David Grisham (Apr 23)
- Re: Student Workers on the Security Team? Mclaughlin, Kevin (mclaugkl) (Apr 23)
- Re: Student Workers on the Security Team? Stephen C. Gay (Apr 23)
- Re: Student Workers on the Security Team? Randy Marchany (Apr 24)