Re: Public list?

[Kyle Kniffin <kyle () POLK EDU>]

I personally think that it would be nice to have a closed group where the option to share sensitive information would 
be possible. REN-ISAC is an option, however paying fees is something that some organizations cannot afford to do.

I think for a lot of groups it makes sense to have them open and publicly available. However, when it comes to security 
related topics, that group may be better left not public in my opinion.

Thanks,

Kyle Kniffin
Network Engineer
Polk State College
999 Ave. H. NE
Winter Haven, FL 33881
(863) 298-6840
________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Valerie Vogel 
[vvogel () EDUCAUSE EDU]
Sent: Friday, March 27, 2015 12:31 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Public list?

Hi Gary, Kevin,

The Security Discussion list is one of many EDUCAUSE Constituent and
Discussion Groups. These are open, informal ³communities of practice² and
the lists are typically open for anyone to subscribe. The archives are
also publicly available, and so they are sometimes collected or shared on
sites like seclists.org <http://seclists.org>.

As noted on our website, http://www.educause.edu/discuss: "Postings to a
Constituent Group listserv are indexed and archived in a publicly
searchable format in keeping with the association¹s commitment to open
sharing of ideas, issues, and practices involving information technology
in higher education. This allows quick review of past discussions.²

The suggestion to make the archives private has been raised (and
considered) several times in the past by the Higher Education Information
Security Council (HEISC) Leadership Team, but we have always determined
that leaving the listserv open and the archives publicly accessible were
in the best interest of the community. As noted below, the REN-ISAC is one
option for a closed, vetted community.

We would be happy start a dialog about the pros and cons to our current
approach for this listserv. Please feel free to share your thoughts on
this thread or contact me directly.

Thank you,
Valerie

Valerie Vogel Program Manager

EDUCAUSE
Uncommon Thinking for the Common Good

direct: 202.331.5374 | main: 202.872.4200 | twitter: @HEISCouncil |
educause.edu <http://educause.edu>




On 3/27/15, 7:51 AM, "Kevin Halgren" <kevin.halgren () WASHBURN EDU> wrote:

> RI has some additional requirements that make it less accessible to many
> of us, particularly those more peripherally involved in IT security and
> at smaller institutions that can't afford or are unwilling the pay the
> fee.  This list has value as an adjunct to RI for those who already have
> access and a source of information for those who don't.
>
> I have to admit my original post here I had intended to send to a state
> list (oops), but you can't undo e-mail and I figured it was still
> relevant.
>
> I do question if it is in the common interest for this list to be truly
> public, or at least to publicly available quite so quickly.  Anyone
> interested in taking this issue up with the group sponsors?
>
> I'd be particularly interested in hearing the arguments in favor of list
> archives remaining public.
>
> Kevin
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ben Parker
> Sent: Friday, March 27, 2015 9:38 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Public list?
>
> It is all publically available on Educause's website as are all educause
> lists. If you need a private list, look at something like REN-ISAC.
>
> http://listserv.educause.edu/cgi-bin/wa.exe?A0=SECURITY
>
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Warner
> Sent: Friday, March 27, 2015 10:35 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Public list?
>
> Is this list INTENDED to be publicly archived and shared?
>
> As I was googling about for something that I saw posted here, I found
> that all of our messages are being shared on seclists.org.
>
> Example:
>
>    http://seclists.org/educause/2015/q1/264
>
>
> Please use caution when sharing information on-list.  Be aware that what
> you post here is being publicly logged.
>
> If this list is NOT supposed to be publicly logged, could we review and
> address that, please?
>
> Thanks!
>
>
>
> ----------------------------------------------------------
>
> Gary Warner
> Director of Research in Computer Forensics The University of Alabama at
> Birmingham Center for Information Assurance and Joint Forensics Research
> 205.422.2113
> gar () cis uab edu
>
> -----------------------------------------------------------

________________________________

Please Note: Due to Florida's very broad public records law, most written communications to or from College employees 
regarding College business are public records, available to the public and media upon request. Therefore, this email 
communication may be subject to public disclosure.

Save a tree - Think before you print this email