Re: [EXTERNAL] Re: [SECURITY] [EXT] Re: [SECURITY] student systems and NIST 800-171

[Dan Wasson <dan () NMC EDU>]

I would be interested in the working group.


*Dan Wasson*
*Director Systems & LAN Management*
*Northwestern Michigan College*
*231-995-1164*
*dwasson () nmc edu <dwasson () nmc edu>*

*Don't be a scam victim - NMC and other reputable organizations will never
use email to request that you reply with your password, social security
number or confidential personal information.*


On Tue, Feb 2, 2021 at 5:45 PM Ricardo Fitipaldi <rfitipal () sdsu edu> wrote:

> Please include SDSU.edu in the working ground.
> Sincerely,
> Ricardo Fitipaldi
> IT Security Office | Interim Information Security Officer
> *San Diego State University *| sdsu.edu <https://www.sdsu.edu/>
> (619)-594-0099
>
>
> Get Duo, Stay Protected.
> Learn More at the IT Security Duo MFA
> <https://it.sdsu.edu/security/operations-services/mfa> page | @SDSUITSO
> <https://twitter.com/sdsuitso?lang=en>
>
>
> On Fri, Jan 29, 2021 at 5:43 AM Harry Hoffman <hhoffman () ip-solutions net>
> wrote:
>
> > We're just starting to look into this among a broader effort around
> > compliance. I'd be interested in what other are doing or forming an
> > interest/working group if there's enough folks keen to do so.
> >
> > Cheers,
> > Harry
> >
> >
> > On Thu, Jan 28, 2021 at 11:35 AM Fugett, Julie C <jcf () ku edu> wrote:
> >
> > > Is anyone aware of templates, checklists, or other guidance around
> > > performing this self-assessment? I just watched Mia Jordan’s talk from the
> > > 2020 Virtual FSA training conference and while the talk was informative,
> > > she didn’t provide any resources or a timeline for the self-assessment
> > > process. I’m reaching out to the contact email in the slides, but I’m
> > > wondering if I’ve missed something somewhere along the way.
> > >
> > >
> > >
> > > ______________________________________
> > >
> > > Julie C. Fugett, CISSP
> > >
> > > Chief Information Security Officer
> > >
> > > KU Information Technology
> > >
> > > The University of Kansas
> > >
> > > Email jcf () ku edu
> > >
> > > Mobile +1 785 691 9023
> > >
> > > Office +1 785 864 0490
> > >
> > > *She/Her/Hers*
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > *From:* The EDUCAUSE Security Community Group Listserv <
> > > SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Ross Mukai
> > > *Sent:* Wednesday, January 27, 2021 6:10 PM
> > > *To:* SECURITY () LISTSERV EDUCAUSE EDU
> > > *Subject:* Re: [SECURITY] student systems and NIST 800-171
> > >
> > >
> > >
> > > Some slides from the 2020 student aid conference describing a compliance
> > > framework for glba + CUI
> > >
> > > The bullet points on the near-term plan on pg 18 include the 12/18/20
> > > letter and self-assessments
> > >
> > >
> > > https://fsaconferences.ed.gov/conferences/library/2020/2020FSAConfSessionBO15.pdf
> > > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffsaconferences.ed.gov%2Fconferences%2Flibrary%2F2020%2F2020FSAConfSessionBO15.pdf&data=04%7C01%7Cjcf%40KU.EDU%7C1c322f48b61a4c329b3408d8c322851b%7C3c176536afe643f5b96636feabbe3c1a%7C0%7C0%7C637473900330006612%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=smFGHjFFqho1E785SaPoJGFmRnSgXRFc5c05hScgK8M%3D&reserved=0>
> > >
> > >
> > >
> > > On Wed, Jan 27, 2021 at 2:01 PM Sam Horowitz <samh () ucsb edu> wrote:
> > >
> > >
> > > https://ifap.ed.gov/electronic-announcements/121820CybersecurityProtectStudentInfoComplianceCUInGLBA
> > > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fifap.ed.gov%2Felectronic-announcements%2F121820CybersecurityProtectStudentInfoComplianceCUInGLBA&data=04%7C01%7Cjcf%40KU.EDU%7C1c322f48b61a4c329b3408d8c322851b%7C3c176536afe643f5b96636feabbe3c1a%7C0%7C0%7C637473900330016603%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tjsnBLUdeNXfC1AnKOIT4vUUCcFMM6PS7AfeQKVnpcc%3D&reserved=0>
> > >
> > >
> > >
> > > -------------------------------------------
> > > Sam Horowitz, CISSP, CISM
> > >
> > > *Chief Information Security Officer*
> > >
> > > he/him/his
> > >
> > > Office: (805) 893-5005
> > > Email: samh () ucsb edu
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Jan 27, 2021 at 3:38 PM Alex Jalso <ACJalso () mail wvu edu> wrote:
> > >
> > > Hello Everyone,
> > >
> > >
> > >
> > > In a meeting with peer institutions it was said that at the Federal
> > > level there’s been discussions that university student information systems
> > > must treat resident data as CUI and have their systems be compliant with
> > > NIST 800-171 or risk losing financial aid.  Has anyone heard something
> > > similar to this or received communications about it?
> > >
> > >
> > >
> > > Alex
> > >
> > >
> > >
> > > Alex Jalso, PMP, CISM, CDPSE
> > >
> > > Chief Information Security Officer
> > >
> > > Information Technology Services
> > >
> > > West Virginia University
> > >
> > > p: 304-293-4457
> > >
> > >
> > >
> > > *Defend your data.* ITS will *NEVER* ask you for your WVU Login
> > > credentials, Social Security number or credit card information via email.
> > > *NEVER* click on suspicious email links or attachments, even those that
> > > appear to be from a legitimate source. Hover over links to see where they
> > > really lead before clicking on them. When in doubt, contact
> > > DefendYourData () mail wvu edu.
> > >
> > >
> > >
> > > **********
> > > Replies to EDUCAUSE Community Group emails are sent to the entire
> > > community list. If you want to reply only to the person who sent the
> > > message, copy and paste their email address and forward the email reply.
> > > Additional participation and subscription information can be found at
> > > https://www.educause.edu/community
> > > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjcf%40KU.EDU%7C1c322f48b61a4c329b3408d8c322851b%7C3c176536afe643f5b96636feabbe3c1a%7C0%7C0%7C637473900330016603%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=mCZkrjit1ElyjMTLX2k%2F4kGsvfMqY9OuyN9frdng8U4%3D&reserved=0>
> > >
> > > **********
> > > Replies to EDUCAUSE Community Group emails are sent to the entire
> > > community list. If you want to reply only to the person who sent the
> > > message, copy and paste their email address and forward the email reply.
> > > Additional participation and subscription information can be found at
> > > https://www.educause.edu/community
> > > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjcf%40KU.EDU%7C1c322f48b61a4c329b3408d8c322851b%7C3c176536afe643f5b96636feabbe3c1a%7C0%7C0%7C637473900330026603%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IJzOkKvCIGJWHYTF6rCvlzdCKrgYyNwzBMFdcIsRB4Y%3D&reserved=0>
> > >
> > > **********
> > > Replies to EDUCAUSE Community Group emails are sent to the entire
> > > community list. If you want to reply only to the person who sent the
> > > message, copy and paste their email address and forward the email reply.
> > > Additional participation and subscription information can be found at
> > > https://www.educause.edu/community
> > > <https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjcf%40KU.EDU%7C1c322f48b61a4c329b3408d8c322851b%7C3c176536afe643f5b96636feabbe3c1a%7C0%7C0%7C637473900330026603%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IJzOkKvCIGJWHYTF6rCvlzdCKrgYyNwzBMFdcIsRB4Y%3D&reserved=0>
> > >
> > > **********
> > > Replies to EDUCAUSE Community Group emails are sent to the entire
> > > community list. If you want to reply only to the person who sent the
> > > message, copy and paste their email address and forward the email reply.
> > > Additional participation and subscription information can be found at
> > > https://www.educause.edu/community
> > **********
> > Replies to EDUCAUSE Community Group emails are sent to the entire
> > community list. If you want to reply only to the person who sent the
> > message, copy and paste their email address and forward the email reply.
> > Additional participation and subscription information can be found at
> > https://www.educause.edu/community
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community