Re: Best practices for identifying students

[WALTER KERNER <walter_kerner () FITNYC EDU>]

Thanks Hugh.  This is great.







Walter Kerner

Acting AVP and CISO

[image: blue]

333 7th Avenue, 13th Floor

New York, NY 10001

Voice: 212-217-3415



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Hugh Burley
*Sent:* Thursday, September 07, 2017 1:02 PM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Best practices for identifying students



Hi Walter,



We use the process in the attached .docx.  Let me know if this has any
value.



Regards,



Hugh Burley

Manager Information Security

Thompson Rivers University

BCCOL 225

250-852-6351







*From:* The EDUCAUSE Security Constituent Group Listserv [
mailto:SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>] *On
Behalf Of *WALTER KERNER
*Sent:* Thursday, September 7, 2017 4:49 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Best practices for identifying students



Hi all.  Can you comment on your practices and procedures for confirming
student identity if they request a password re-set?  We have to service
people in person, through email, and on the phone.  A couple of ideas if
have heard



Ask the caller/emailer to text or email a picture of him/herself

Ask the caller/emailer questions from his/her student record, like
birthdate or course name

Set up a knowledge-based question set like mother’s maiden name or favorite
movie.



Are you using these or other techniques?  We appreciate the insights.
Thanks







Walter Kerner

Acting AVP and CISO

[image: blue]

333 7th Avenue, 13th Floor

New York, NY 10001

Voice: 212-217-3415