Educause Security Discussion mailing list archives
Re: Login/Logoff Activity
From: Eric Case <eric () ERICCASE COM>
Date: Wed, 24 Apr 2013 22:15:57 -0700
Hi Will, Is management willing to "live by the sword and die by the sword" (hire more staff if the logs show the staff is overworked)? How will management deal with the logs being easily gamed (not logging out)? What about unintended consequences (your honor, I was logged in at work at the time of the hit and run)? What does your general counsel think of the idea? What if someone doesn't log in but checks email via the web or phone? I believe IT should be an enabler for employees to do more and that includes allowing people to work from home without getting their coworkers sick. Do you have a pandemic plan? Can an employee take a sick day because of a sick child but get some work done from home? What if someone takes a sick day, never logs in, and goes shopping / site seeing with an out of town friend / relative? What if someone doesn't take a sick day but schedules meetings off site and goes shopping / site seeing with an out of town friend / relative? I don't believe IT should be an enabler for employees or management to not do their jobs and what the IA wants can be achieved via forensics on the "home" pc, credit cards, etc. If management is really doing their job, login/logoff activity will be an non-issue. -Eric IT professionals will never ask for your password - not in email - not over the phone, never. Eric Case, CISSP ecase (at) email (dot) arizona (dot) edu College of Architecture, Planning, and Landscape Architecture http://www.linkedin.com/in/ericcase IT professionals will never ask for your password - not in email - not over the phone, never. Eric Case, CISSP eric (at) ericcase (dot) com http://www.linkedin.com/in/ericcase (520) 344-CISO (2476) From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Will Froning Sent: Wednesday, April 24, 2013 8:24 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Login/Logoff Activity Hello All, On Thu, Apr 25, 2013 at 3:27 AM, Harry Hoffman <hhoffman () ip-solutions net <mailto:hhoffman () ip-solutions net> > wrote: Nah, this just means that Joe has outsourced his job for a quarter of his pay and browses reddit and 4chan all day long ;-) Cheers, Harry On 04/24/2013 06:24 PM, Valdis.Kletnieks () vt edu <mailto:Valdis.Kletnieks () vt edu> wrote:
On Wed, 24 Apr 2013 15:01:36 -0400, Walter Moore said:
On the other hand, a login from Zanzibar is even *more* suspect if Joe is sitting in his office. :)
This is a request from the internal auditor to see if it is common practice to monitor this in academia (starting to look heavily like NO). As others on the list have mentioned, this is really a management issue at it's core. The rebuttal for that comment was something like: "If technology can help us to identify a management weakness, we can make corrective policy driven actions to fix the weakness. IT isn't there to fix the problem, but to provide visibility into whether or not there is a problem to correct." So excluding the potential privacy concerns (which wouldn't really apply in the corporate world), in their mind it's just using IT as a tool for efficiency. Not defending, just relaying. Thanks, Will -- Will Froning Unix SysAdmin Will.Froning () GMail com <mailto:Will.Froning () GMail com> MSN: wfroning () angui sh <mailto:wfroning () angui sh> YIM: will_froning AIM: willfroning
Current thread:
- Login/Logoff Activity Will Froning (Apr 23)
- Re: Login/Logoff Activity Justin Bennett (Apr 24)
- Re: Login/Logoff Activity Walter Moore (Apr 24)
- Re: Login/Logoff Activity Valdis Kletnieks (Apr 24)
- Re: Login/Logoff Activity Justin Bennett (Apr 24)
- Re: Login/Logoff Activity Harry Hoffman (Apr 24)
- Re: Login/Logoff Activity Will Froning (Apr 24)
- Re: Login/Logoff Activity Eric Case (Apr 24)
- Re: Login/Logoff Activity Will Froning (Apr 24)
- Re: Login/Logoff Activity Tim Doty (Apr 25)
- Re: Login/Logoff Activity Walter Moore (Apr 24)
- Re: Login/Logoff Activity Justin Bennett (Apr 24)
- Re: Login/Logoff Activity Eric Case (Apr 24)
- <Possible follow-ups>
- Re: Login/Logoff Activity Shane Williams (Apr 25)