Educause Security Discussion mailing list archives

Re: Information on Public website

From: Emery Rudolph <ERudolph () UMUC EDU>
Date: Mon, 23 Nov 2009 15:36:38 -0500

Its one thing to publish department information, but quite another to
publish an individual employees information and title. The problem
arises when spammers, vendors, head hunters, etc have free reign to
contact anyone at will. This is more than annoying to the employee,
because there is no filter from these types of contacts. 

While some employees may conceivably benefit from such exposure
(academic advisors) other, behind the scenes employees (system
administrators) would be inconvenienced by students seeking classroom
assistance, when they should be routing those issues directly to their
professors. 


Very Best Regards,

Emery Rudolph
Director, Systems Management
University of Maryland University College
301-985-7447
http://www.umuc.edu

 
 
 

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Greg Schaffer
Sent: Monday, November 23, 2009 2:53 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Information on Public website

At some point there has to be some method for persons/entities outside a
university to contact persons within.  I don't really see any problem
with
the publication of directory information such as this.  Remember that
Accessibility is also an important part of information security...

Greg

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S Malwade
Sent: Monday, November 23, 2009 1:48 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Information on Public website

I was curious to know what other Institution's policy is regarding
publishing Administrative Staff and faculty information on the
University's
Public website. The information includes Name, Title, Phone #, Location
and
Division.

I my opinion this should be placed behind an authenticated portal as it
maybe be used for Social engineering attacks. Does anyone see potential
privacy concerns ? Any other opinions ?

Thanks

Anand

Seton Hall University.

Current thread:

Information on Public website Anand S Malwade (Nov 23)
- <Possible follow-ups>
- Re: Information on Public website Greg Schaffer (Nov 23)
- Re: Information on Public website Moore, Frank (Nov 23)
- Re: Information on Public website Pete Hickey (Nov 23)
- Re: Information on Public website Greg Schaffer (Nov 23)
- Re: Information on Public website Hugh Burley (Nov 23)
- Re: Information on Public website Emery Rudolph (Nov 23)
- Re: Information on Public website Amber Weishaar (Nov 23)
- Re: Information on Public website Brian Epstein (Nov 23)
- Re: Information on Public website Sarazen, Daniel (Nov 23)
- Re: Information on Public website John Ladwig (Nov 23)