Educause Security Discussion mailing list archives

Re: Security policies for student workers

From: Glen Shere <g-shere () ONU EDU>
Date: Tue, 15 Mar 2016 11:22:33 -0400

How do you ensure compliance with immigration law, labor law, and tax laws
without going through HR?

There's lots of talk in our community about "shadow IT"; are you
implementing a "shadow HR"?

On Tue, Mar 15, 2016 at 11:17 AM, Thomas Carter <tcarter () austincollege edu>
wrote:

They don’t go through HR and differ from traditional employees in a number
of ways. I don’t know of any policy outside of IT that explicitly states
that they are in the same category as traditional employees.



Thomas Carter

Network & Operations Manager

Austin College



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Barton, Robert W.
*Sent:* Tuesday, March 15, 2016 9:33 AM

*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Security policies for student workers



Did that pass the legal sniff test?  We are having the same debate here,
since they are not paid fully by the University.  Historically, they have
been put in a different category here.



Robert W. Barton

Director of Information Security

Lewis University

One University Parkway

Romeoville, IL  60446-2200

815-836-5663



*From:* The EDUCAUSE Security Constituent Group Listserv [
mailto:SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>] *On
Behalf Of *Andregg, Bryan Courtney
*Sent:* Tuesday, March 15, 2016 9:29 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Security policies for student workers



Student workers are employees at UNC-CH. All appropriate policies apply.
More broadly, our policy and standards language clarifies that they apply
in all cases where individuals interact with university information and/or
systems regardless of personnel or end-point type.

--

Bryan C. Andregg

IT Security and Systems Manager

Instructional and Information Systems

UNC Gillings School of Global Public Health



*From: *The EDUCAUSE Security Constituent Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Brad Judy <brad.judy () CU EDU>
*Reply-To: *The EDUCAUSE Security Constituent Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU>
*Date: *Tuesday, March 15, 2016 at 10:12 AM
*To: *"SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
*Subject: *Re: [SECURITY] Security policies for student workers



I’m confused by the statement “not being employees”.  Why wouldn’t student
workers fall under all of the same policies as other employees?



Brad Judy



Information Security Officer

Office of Information Security

University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203

Office: (303) 860-4293

Fax: (303) 860-4302

www.cu.edu



[image: cu-logo_fl]



*From:* The EDUCAUSE Security Constituent Group Listserv [
mailto:SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>] *On
Behalf Of *Thomas Carter
*Sent:* Tuesday, March 15, 2016 7:59 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Security policies for student workers



Do you have specific security policies for student workers (work study,
etc)? Do you have specific policies about the use of personal computers
used by student workers? Can you point me to these policies or send me a
copy?



I’m trying to better define policies for student workers as they fall into
a gray area of not being employees and not being just students. Their work
may require access to resources that are restricted from normal students.
Additionally, as a small school, we have some student workers using
personal computers to do their work. Primarily artistic work (graphic
design, video editing, etc), but this sharing on student-owned devices
worries me somewhat.



Thomas Carter

Network & Operations Manager

Austin College



This message (including any attachments) is intended only for the use of
the individual or entity to which it is addressed and may contain
information that is non-public, proprietary, privileged, confidential, and
exempt from disclosure under applicable law or may constitute as attorney
work product. If you are not the intended recipient, you are hereby
notified that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone at
(815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete
this message immediately if this is an electronic communication. Thank you.

Current thread:

Security policies for student workers Thomas Carter (Mar 15)
- Re: Security policies for student workers Brad Judy (Mar 15)
- Re: Security policies for student workers Glen Shere (Mar 15)
- <Possible follow-ups>
- Re: Security policies for student workers Andregg, Bryan Courtney (Mar 15)
  - Re: Security policies for student workers Barton, Robert W. (Mar 15)
    - Re: Security policies for student workers Thomas Carter (Mar 15)
    - Re: Security policies for student workers Glen Shere (Mar 15)
    - Re: Security policies for student workers Thomas Carter (Mar 15)
    - Re: Security policies for student workers Mike Cunningham (Mar 15)
    - Re: Security policies for student workers Thomas Carter (Mar 15)