Educause Security Discussion mailing list archives
[SECURITY]
From: "Persad, Nadira" <ngpersad () BUFFALO EDU>
Date: Fri, 12 Jun 2015 19:24:32 +0000
I concur with Mark’s comments. In line with this discussion, I’m curious about the following and would welcome your contributions regarding Guest Wireless:

- Does your institution offer Guest Wireless service
- What your registration and authentication process entails
- Do you verify any information
- Are there restrictions on what can be accessed
- What information is tracked/logged
- How long you retain logging information

Regards,
Nadira

Nadira G Persad
Information Security Officer
University at Buffalo
716-645-9003
Email: ngpersad () buffalo edu

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ben Marsden
Sent: Friday, June 12, 2015 12:08 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY]

Been a while since I looked at this, but agree with Mark's assessment.

I also agree with Kevin's sentiment, but with this caveat: pragmatically parallel with compliance is nice, but technically in compliance can suck; and I'd really rather NOT have some legal enforcement or 3-letter entity telling me what compliance looks like if I can avoid it. I'd also much rather be affirmatively helpful than strong-armed coerced; or in other words, act on a request (with legal's blessing) rather than compelled to assist (at legal's insistence).

fwiw,
-- Ben

On Fri, Jun 12, 2015 at 10:17 AM, Kevin Wilcox <wilcoxkm () appstate edu> wrote:

On 12/06/15 06:31, Berman, Mark wrote:
Bottom line, it's a lot easier to declare yourself exempt than to spend money on hardware to try and comply. As far as I know this has never been litigated and until it is and a judge says I'm wrong, I'll stand on that opinion.
Considering the OTHER benefits you get from having a compliant network, like being able to identify your users, accounting for each system on the network, accounting for WHERE each system is on the network, etc., I would argue that compliance with CALEA is a side-effect of a well-designed network. If you're worried about what you'll need to change to be CALEA-compliant, you're already losing in other critical areas.

kmw

--
============================================
Ben Marsden : Information Security Director, CISSP/GISP
ITS, Stoddard Hall, Smith College, Northampton, MA 01063
bmarsden [at] smith [.] edu 413 [.] 585 [.] 4479
---------------------------------------------------------------------
=--> Any request to reveal your Smith password via email is fraudulent!