Summary Wi-Fi student administrative system SAD

[James Farr '05 <jfarr () UTICA EDU>]

I want to thank everyone who sent comments.  

 

Here are a few good ones to consider:

"Massachusetts law prohibits the transmission of personal data of any
Massachusetts resident over any unencrypted wireless networks"

Lucky for us people who are allowing this access are requiring encryption.
(at least those who responded)

 

I believe everyone that allowed access via wireless also required
encryption.  Most everyone also required a second type of security measure.
Other security measure include Certificates, Limited Access by role, use of
Network Access Controls NAC, use of VLAN's, and use of software such as
Citrix.

 

Another question was proposed. 

Should we open up this access as encryption improves? Think about this quote
before opening the doors:

"if WPA2 is found to have serious defects like every preceding wireless
standard, closing the door after approval will be difficult."  

The next day I ran across this article which talks about WPA2
vulnerabilities
http://www.networkworld.com/newsletters/wireless/2010/072610wireless1.html

 

Two people mentioned access from general purpose labs.   Neither allowed
accessing SAD from general purpose labs even though the labs are wired.
Utica College has a training room where this access is allowed via a thin
client solution (currently in beta testing.)

 

Once again thank you for your input.  This is how we are going to handle it.

Allow Wi-Fi access only as a last resort.

Require Encryption with other technologies.  (probably the NAC and either
certificates or something like Citrix.)

 

IITS will never ask you for your password.  Never email your password to
anyone.

 

James Farr

Information Security Officer

Instructional Technologist

Utica College

 <mailto:jfarr () utica edu> jfarr () utica edu

315-223-2386