Educause Security Discussion mailing list archives

[SECURITY]


From: "Persad, Nadira" <ngpersad () BUFFALO EDU>
Date: Fri, 12 Jun 2015 19:24:32 +0000

I concur with Mark’s comments.  In line with this discussion, I’m curious about the following and would welcome your 
contributions regarding Guest Wireless:


- Does your institution offer Guest Wireless service
- What your registration and authentication process entails
- Do you verify any information
- Are there restrictions on what can be accessed
- What information is tracked/logged
- How long you retain logging information

Regards,
Nadira

Nadira G Persad
Information Security Officer
University at Buffalo
716-645-9003
Email: ngpersad () buffalo edu

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ben 
Marsden
Sent: Friday, June 12, 2015 12:08 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY]

Been a while since I looked at this, but agree with Mark's assessment.   I also agree with Kevin's sentiment, but with 
this caveat: pragmatically parallel with compliance is nice, but technically in compliance can suck; and I'd really 
rather NOT have some legal enforcement or 3-letter entity telling me what compliance looks like if I can avoid it.  I'd 
also much rather be affirmatively helpful than strong-armed coerced; or in other words, act on a request (with legal's 
blessing) rather than compelled to assist (at legal's insistence).  fwiw,

-- Ben

On Fri, Jun 12, 2015 at 10:17 AM, Kevin Wilcox <wilcoxkm () appstate edu> wrote:


On 12/06/15 06:31, Berman, Mark wrote:

Bottom line, it's a lot easier to declare yourself exempt than to
spend money on hardware to try and comply. As far as I know this
has never been litigated and until it is and a judge says I'm
wrong, I'll stand on that opinion.

Considering the OTHER benefits you get from having a compliant
network, like being able to identify your users, accounting for each
system on the network, accounting for WHERE each system is on the
network, etc., I would argue that compliance with CALEA is a
side-effect of a well-designed network. If you're worried about what
you'll need to change to be CALEA-compliant, you're already losing in
other critical areas.

kmw



--
============================================
Ben Marsden : Information Security Director, CISSP/GISP
ITS, Stoddard Hall, Smith College, Northampton, MA 01063
bmarsden [at] smith [.] edu     413 [.] 585 [.] 4479
---------------------------------------------------------------------
=--> Any request to reveal your Smith password via email is fraudulent!
