Educause Security Discussion mailing list archives
Re: [External] Re: [SECURITY] Student employees and access to data
From: "Gregg, Christopher S." <csgregg () STTHOMAS EDU>
Date: Fri, 10 May 2019 17:33:48 +0000
We have similar processes in place here as well. In addition, all of our employees, including student employees, sign a Privileged Access and Confidentiality Agreement form as part of their on-boarding. Thanks, Chris Chris Gregg Associate Vice President of Information Security & Risk Management, CISO Information Technology Services (ITS) csgregg () stthomas edu<mailto:csgregg () stthomas edu> p 1 (651) 962-6265 University of St. Thomas | stthomas.edu<https://www.stthomas.edu> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of King, Ronald A. Sent: Friday, May 10, 2019 10:47 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [External] Re: [SECURITY] Student employees and access to data Ditto for NSU with the exception we set an expiration date when their service or contract will end for any employee related accounts. Ronald King Chief Information Security Officer Office of Information Technology (757) 823-2916 (Office) raking () nsu edu<mailto:raking () nsu edu> www.nsu.edu<https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.nsu.edu%2F&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C3900d3bbd6b549a383ae08d6d55ebda1%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636931000264361018&sdata=3GwRRh8AXw%2FQG6DLqooLnPbLnqhEQFaiwTnFeYxs%2BhI%3D&reserved=0> @NSUCISO (Twitter) [NSU_logo_horiz_tag_4c - Smaller] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Pesino, Sherry Sent: Friday, May 10, 2019 10:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Student employees and access to data We treat our student employees like traditional employees. They have access to what they need to complete the work they are hired to do. They also must complete the same awareness training and follow the same policies as full time employees and use an official email account for any work related email. Sherry ____________ Sherry Pesino, CISSP Information Security Program Office Connecticut State Colleges and Universities 61 Woodland Street Hartford, CT 06105 860-723-0021 pesinos () ct edu<mailto:pesinos () ct edu> [certified-information-systems-security-professional-cissp] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Pete, Andrew Sent: Friday, May 10, 2019 10:12 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Student employees and access to data We have a number of departments that have work study students. I'm curious what other institutions are doing around access to data that may be sensitive whether in hard copy or digital format. What do you allow, what don't you allow? Why types of policies/procedures do you have in place?
Current thread:
- Student employees and access to data Pete, Andrew (May 10)
- Re: Student employees and access to data Pesino, Sherry (May 10)
- Re: [EXTERNAL] Re: [SECURITY] Student employees and access to data James Valente (May 10)
- Re: [EXTERNAL] Re: [SECURITY] Student employees and access to data Mike Beane (May 10)
- Re: Student employees and access to data King, Ronald A. (May 10)
- Re: [External] Re: [SECURITY] Student employees and access to data Gregg, Christopher S. (May 10)
- Re: Student employees and access to data Linc Nesheim (May 10)
- Re: [EXTERNAL] Re: [SECURITY] Student employees and access to data James Valente (May 10)
- Re: Student employees and access to data Pesino, Sherry (May 10)