Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

[SECURITY]

From: "Berman, Mark" <mberman () SIENA EDU>
Date: Tue, 20 Aug 2013 06:42:34 -0400
When I worked in the Massachusetts State University System we were told by
our attorneys that publishing the policy is enough to make people
responsible and that requiring folks to sign off on it just gives them a
potential legal excuse if they *don't* sign.

FWIW.

 - Mark
--
Mark Berman, Chief Information Officer
Siena College
515 Loudon Road
Loudonville, NY  12211
(518)782-6957,  Fax: (518)783-2590
*Siena College is a learning community advancing the ideals of a liberal
arts education, rooted in its identity as a Franciscan and Catholic
institution.
*
*CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the
sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure, or
distribution is prohibited. If you received this e-mail and are not the
intended recipient, please inform the sender by e-mail reply and destroy
all copies of the original message.*


Content-Type: text/html

We require an annual password change, and the process requires the
acceptance of our usage policy.



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:[log in to
unmask]<http://listserv.educause.edu/cgi-bin/wa.exe?LOGON=A3%3Dind1308%26L%3DSECURITY%26E%3Dquoted-printable%26P%3D134667%26B%3D--_000_2C17E27E26DEE641AEECF7583B3CAB1A2581D978evcspmbx1adsnor_%26T%3Dtext%252Fhtml%3B%2520charset%3Dus-ascii>
.EDU] *On Behalf Of *Michael J. Kenney
*Sent:* Monday, August 19, 2013 10:53 AM
*To:* [log in to
unmask]<http://listserv.educause.edu/cgi-bin/wa.exe?LOGON=A3%3Dind1308%26L%3DSECURITY%26E%3Dquoted-printable%26P%3D134667%26B%3D--_000_2C17E27E26DEE641AEECF7583B3CAB1A2581D978evcspmbx1adsnor_%26T%3Dtext%252Fhtml%3B%2520charset%3Dus-ascii>
*Subject:* [SECURITY] annual AUP acknowledgement required?



Just curious if anyone knew if it’s required from an audit perspective to
have faculty, staff and student acknowledge an Acceptable Use Policy on an
annual basis? We have each user accept this policy before their account is
enabled and wanted to know if this is enough to check the box. Also, if you
require an annual acknowledgement, what technology method are using to have
user digitally accept the policy?



Thank you,



Michael
Previous By Date Next
Previous By Thread Next

Current thread: