Educause Security Discussion mailing list archives
Re: student systems and NIST 800-171
From: Dennis Bolton <bolton () OAKLAND EDU>
Date: Thu, 28 Jan 2021 12:17:02 -0500
Yes, we started doing this a few years ago. I can't recall the specific driver (e.g. announcement or publication) but I think the general goal was to be prepared if the guidance \ language become more direct. I know the great folks at BYU have made some amazing GoogleSheets to facilitate reviews. I believe they have currently NIST 800-171 and CMMC templates up for general use by other educational institutions. Dennis Bolton Information Security Officer Oakland University Dodge Hall Rm 220 118 Library Drive Rochester, MI 48309-4401 248-370-4803 On Wed, Jan 27, 2021 at 6:38 PM Alex Jalso <ACJalso () mail wvu edu> wrote:
Hello Everyone, In a meeting with peer institutions it was said that at the Federal level there’s been discussions that university student information systems must treat resident data as CUI and have their systems be compliant with NIST 800-171 or risk losing financial aid. Has anyone heard something similar to this or received communications about it? Alex Alex Jalso, PMP, CISM, CDPSE Chief Information Security Officer Information Technology Services West Virginia University p: 304-293-4457 *Defend your data.* ITS will *NEVER* ask you for your WVU Login credentials, Social Security number or credit card information via email. *NEVER* click on suspicious email links or attachments, even those that appear to be from a legitimate source. Hover over links to see where they really lead before clicking on them. When in doubt, contact DefendYourData () mail wvu edu. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: student systems and NIST 800-171, (continued)
- Re: student systems and NIST 800-171 Ronald Loneker (Feb 01)
- Re: [EXT] Re: [SECURITY] student systems and NIST 800-171 Ricardo Fitipaldi (Feb 02)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Dan Wasson (Feb 02)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Mavour, Monique A (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Karen A Bell (kbell) (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Jackson, Ms. D'Ann (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Steven Saine (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Nadim El-Khoury (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Brian Amstutz (Feb 08)
- Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171 Ben Marsden (Feb 08)
- Re: [External] Re: [SECURITY] student systems and NIST 800-171 Coleman, Susan Elizabeth (Jan 28)
- Re: [External] Re: [SECURITY] student systems and NIST 800-171 Ross Mukai (Jan 28)
- Re: student systems and NIST 800-171 Welch, Von (Jan 29)
- Re: student systems and NIST 800-171 Koppel, Lorna (Jan 29)
- Re: student systems and NIST 800-171 Bertone, John (Jan 29)
- Re: student systems and NIST 800-171 Ben Marsden (Feb 08)
- Re: student systems and NIST 800-171 Ellis, Carolyn A (Feb 08)