Re: Foreign Nationals

[Valdis Kletnieks <valdis.kletnieks () VT EDU>]

On Wed, 30 May 2012 16:46:35 -0400, Dean Halter said:

> there some greater risk to my environment from an international
> student, possibly sponsored by an aggressive nation-state, attempting
> to hack into resources from the inside or serving as a student
> employee and, if so, are there tools/techniques to mitigate this
> additional risk specifically?

To your general, non-sensitive computing environment?  Just the regular
stuff like online instruction, registrar's office, payroll, etc?

Your biggest danger there is that some foreign student will hack into your
grades system to preserve his student visa status.  Unless it gets hacked first
by some US citizen student who doesn't want to fail out either.

Seriously - if foreign students are a bigger danger to your *general computing
environment* than the rest of your student population, or the rest of the
people in your community that can walk onto your campus, or the rest of the
Internet, you're doing something *else* wrong.

What about foreign *professors* and visiting lecturers and sabatticals?
Employees who may still have ties to foreign countries? Citizens of other
countries that can walk onto your campus? Anybody who speaks languages other
than English? Oh, and don't forget that administrative assistant who was born
in your town, grew up there, been working there for a decade - but is under
financial stress due to a gambling problem you don't know about.

Which one of those is the biggest *real* threat to your general computing
environment? And if you aren't putting special security controls on *that*
person, why are you thinking about putting them on less risky people?

Attachment: _bin
Description: