Re: policy question?

["SCHALIP, MICHAEL" <mschalip () CNM EDU>]

Excellent question - we were just wondering about this ourselves!!  We've got faculty and staff bringing in personal 
equipment and asking us to connect them to the "business network".  In some cases - we've complied - but now, I'm 
asking whether this is appropriate.  It even comes down to asking us to install software on a college-owned system to 
allow them to sync their personal cell phone with the system (e-mail, calendars, etc.)  For the most part - this is 
pretty benign, but what if they sync a message that has FERPA, budget, or other flavors of data in it?

Thanks.....looking forward to the responses....

M

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand S 
Malwade
Sent: Thursday, October 28, 2010 1:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] policy question?

I was wondering if other institutions have a general Policy that


a)       explicitly prohibits Employees and administrators from using personal laptops or computing equipment for 
conducting university business ? The Assumption is that they are provided university owned equipment with standard 
images with up to-date security updates and protection.

b)      Prohibits Student Workers/GA's from handling confidential information when working with certain departments.


Thanks,
Anand



Anand Malwade
IT Security
Seton Hall University



--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and is
believed to be clean.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.