Educause Security Discussion mailing list archives
Re: Protecting helpdesk instruction sheets
From: "Taube, Dan" <djtaube () ILSTU EDU>
Date: Fri, 5 Feb 2021 14:56:00 +0000
We have public and restricted KBs. There is a release process that knowledge creators in any team can recommend any given article to be public. Our support center then has a team that will review, clean, and release such articles when appropriate. You can see an example of our user KB here: https://ithelp.illinoisstate.edu We have started taking a further step where there is a public facing article that has secured content in it. An example is where we want a public article for awareness, but restrict details that might create a security exposure. You can see an example of that approach here: https://docs.illinoisstate.edu/informationsecurity/topics/other-documents/fy19-it-specific-audit-finding-report Dan Illinois State University From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Nadim El-Khoury Sent: Thursday, February 4, 2021 5:17 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Protecting helpdesk instruction sheets [This message came from an external source. If suspicious, report to abuse () ilstu edu<mailto:abuse () ilstu edu>] Hi Jim, I always used IU KB knowledge as the model to follow. https://kb.iu.edu/<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fkb.iu.edu%2F&data=04%7C01%7C%7C071f428b243a4cc6d40f08d8c9631498%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637480774669250475%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Y0kQBZPXhjn0Q0zL9ysmEfvfHtLPZs9%2F%2FULprah5N5A%3D&reserved=0> Best, Nadim On Thu, Feb 4, 2021 at 6:13 PM Gramke, Jim <0000018b95783deb-dmarc-request () listserv educause edu<mailto:0000018b95783deb-dmarc-request () listserv educause edu>> wrote: Hey all, Who here has their helpdesk self-help knowledge pages protect by password? (ie, not available to the general public) Ours are available from anywhere, but one must authenticate to view them --- just to make it harder for a would be attacker to do recon against us and learn of internal structures, products, and protocols in use. However there is now a request to make ours public as well. Just wondering what you all do with this. Thanks, Jim Gramke College of St. Benedict, St. John's University ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7C071f428b243a4cc6d40f08d8c9631498%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637480774669260436%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=%2F%2Bw8eWCuxu1LRYOOFGVn5e0paB8jxtf8jHcZysu%2BRGY%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7C071f428b243a4cc6d40f08d8c9631498%7C085f983a0b694270b71d10695076bafe%7C1%7C0%7C637480774669260436%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=%2F%2Bw8eWCuxu1LRYOOFGVn5e0paB8jxtf8jHcZysu%2BRGY%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Protecting helpdesk instruction sheets Gramke, Jim (Feb 04)
- Re: Protecting helpdesk instruction sheets Nadim El-Khoury (Feb 04)
- Re: Protecting helpdesk instruction sheets Taube, Dan (Feb 05)
- Re: Protecting helpdesk instruction sheets Nadim El-Khoury (Feb 04)