Re: Consensus About Open Guest Access

["Dr. Wole Akpose" <wole.akpose () MORGAN EDU>]

Registered conference users get a guest account that is useful for the
duration of the conference. Each account is assigned to a user. Account
creation is managed locally, at the conference site / workshop site,
usually 24 hours before the event and distributed on event date.

*W. Akpose
*


On Tue, Jun 12, 2012 at 2:01 PM, Jim Pardonek <jpardonek () luc edu> wrote:

>  Ok so I'm hijacking my own email thread.  Those of you that host
> conferences, how do you handle guest WLAN access for the conference
> attendees and presenters?  I've checked the guest access pages from several
> edu's but they only mention sponsored guest access and really don't address
> a conference.  We are in the process of separating our medical schools from
> our hospital.  They have had their own methods of supplying guest access
> which in my view is not very secure nor does it make anyone accountable for
> usage.  We struggle with having a set of conference IDs that we recycle and
> change the passwords on after every conference.  We were thinking that
> since we have to address this at our med schools, we may want to look at
> our conference guest access for the whole university.
>
> Thanks,
>
> Jim
>
>
>  *James Pardonek, CISSP, CEH*
> *Information Security Officer**
> Loyola University Chicago
> **1032 W. Sheridan Road | Chicago, IL  60660
> **
> (**: (773) 508-6086 <508-6086 () purduecal edu>*
> > > > "Routen, Nathan" <NRouten () MAIL TWU EDU> 6/11/2012 1:30 PM >>>
>
> Here is one specific example to consider..
>
> Any traffic that remains within the University's private network does not
> need to be CALEA compliant as it falls within the "Private Network"
> exception.  However, communication traffic that travels to the Public
> Switch Telephone Network (PSTN) or the Public Internet does have a CALEA
> requirement.  At that point, it must be decided who has the CALEA
> obligation.  If the University acts as its own ISP, I would assume that
> they have the obligation.  Also, if the University implements dynamic IP
> addresses for local end points it would need to provide the end user
> associated with that dynamic address for an authorized interception.
>
> As you have probably noticed, determining whether an entity needs to be
> CALEA compliant is not a simple question.  I suggest that you pose the
> question to your legal resources before initiating any action.
>
> Nate
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:
> SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Julian Y Koh
> Sent: Monday, June 11, 2012 1:22 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Consensus About Open Guest Access
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon Jun 11 2012 13:10:36 Central Time, Roger A Safian wrote:
> > We have this.  Guest wireless is open, you need to enter your email,
> name, etc. and you get 24 hours of access.  We’ve only been doing it for a
> few months and so far we have had no issues with several thousand users.
>
> 8300+ unique devices since March 28, to be a little more specific.  :)
>
> There are obviously a lot of dips and peaks in some of our data, but we're
> averaging over 260 unique registrations every day, with a max just under
> 500 a couple of times.
>
> - --
> Julian Y. Koh
> Manager, Network Transport, Telecommunications and Network Services
> Northwestern University Information Technology (NUIT)
> 2001 Sheridan Road #G-166
> Evanston, IL 60208
> 847-467-5780
> NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<
> http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
>
> iEYEARECAAYFAk/WNysACgkQDlQHnMkeAWOh+ACg9w/J1JCG3yVOUlMjj8MZJm8n
> 0SwAoLAWdrSenKnsRWYmVvuP5Yq124UQ
> =tawG
> -----END PGP SIGNATURE-----