Re: Wi-Fi student administrative system

["Solem, Vik P." <Vik.Solem () TUFTS EDU>]

It's my understanding that Massachusetts law prohibits the transmission of personal data of any Massachusetts resident 
over any unencrypted wireless networks.  I like that as a starting point, but my personal preference is for high-value 
data to be more protected than other data, including defense-in-depth measures such as no-wireless-access, at least not 
unless the connections are further encrypted (e.g. via VPN).  A few minutes on youtube can provide numerous examples of 
how to break wireless encryption with free tools.

Just my opinion.

-Vik


On Aug 30, 2010, at 10:47 , James Farr '05 wrote:

> We are in the process of upgrading our Wi-Fi infrastructure and the topic of
> using Student Administrative Systems on Wi-Fi has come up.
> We currently only allow access limited to special circumstances and only
> allow connections from certain networks which are encrypted.  Users want
> Wi-Fi, I would prefer that they wait will a hard wire connection is
> available. I am trying to balance usability with Security so I am wondering
> how others feel.
>
> Do you allow the use of Student Administrative systems via Wireless (Banner,
> Datatel, PeopleSoft)
> What type of protection do you use?  (encryption, the use of a NAC to put
> people in special Vlans, Citrix/SGD, other)
>
> James Farr
> Information Security Officer
> Instructional Technologist
> Utica College
> jfarr () utica edu
> 315-223-2386


-Vik

Vik Solem, CISSP, Sr. Applications Risk Consultant
Tufts University, Information Security, vik.solem () tufts edu / 617-627-4326
InfoSec Team: information_security () tufts edu / 617-627-6070

Check Out the UIT Information Security Team blog
http://blogs.uit.tufts.edu/infosecteamblog/