Educause Security Discussion mailing list archives

Re: Student employees and access to data

From: Linc Nesheim <nesheijl () WHITMAN EDU>
Date: Fri, 10 May 2019 10:48:05 -0700

Similar to others...  we issue a secondary ID for student employees that
have access to sensitive data.
We also go further and restrict where these accounts are functional.



On Fri, May 10, 2019 at 8:47 AM King, Ronald A. <raking () nsu edu> wrote:

Ditto for NSU with the exception we set an expiration date when their
service or contract will end for any employee related accounts.



*Ronald King*

*Chief Information Security Officer*



*Office of Information Technology*

(757) 823-2916 (Office)

raking () nsu edu

www.nsu.edu

@NSUCISO (Twitter)

[image: NSU_logo_horiz_tag_4c - Smaller]



*From:* The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Pesino, Sherry
*Sent:* Friday, May 10, 2019 10:18 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Student employees and access to data



We treat our student employees like traditional employees. They have
access to what they need to complete the work they are hired to do. They
also must complete the same awareness training and follow the same policies
as full time employees and use an official email account for any work
related email.



Sherry

____________

Sherry Pesino, CISSP

Information Security Program Office

Connecticut State Colleges and Universities

61 Woodland Street

Hartford, CT 06105

860-723-0021

pesinos () ct edu



[image: certified-information-systems-security-professional-cissp]







*From:* The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Pete, Andrew
*Sent:* Friday, May 10, 2019 10:12 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Student employees and access to data



We have a number of departments that have work study students.  I’m
curious what other institutions are doing around access to data that may be
sensitive whether in hard copy or digital format.  What do you allow, what
don’t you allow?  Why types of policies/procedures do you have in place?



-- 


*Linc Nesheim, CISSP*
Information Security Officer
Whitman College
*509-527-5852*

Current thread:

Student employees and access to data Pete, Andrew (May 10)
- Re: Student employees and access to data Pesino, Sherry (May 10)
  - Re: [EXTERNAL] Re: [SECURITY] Student employees and access to data James Valente (May 10)
    - Re: [EXTERNAL] Re: [SECURITY] Student employees and access to data Mike Beane (May 10)
  - Re: Student employees and access to data King, Ronald A. (May 10)
    - Re: [External] Re: [SECURITY] Student employees and access to data Gregg, Christopher S. (May 10)
    - Re: Student employees and access to data Linc Nesheim (May 10)