Re: Retiree email

[Mark Reboli <mreboli () MISERICORDIA EDU>]

We have been looking at this.  We are working towards making the change to reduce/eliminate if possible due to privacy 
rights etc.  answers are below to your direct questions.  I submitted this a few weeks ago to both this and the CIO 
list servs, I did not get a lot of responses but would be happy to discuss further if you wish.

M
Mark Reboli
Network/Telecom/IT Scurity Manager
Misericordia University
301 Lake Street Dallas, PA 18612
(570)674-6753

This e-mail and accompanying attachments are confidential.  The information is intended solely for the use of the 
individual to whom it is addressed. Any review, disclosure, copying, distribution, or use of this e-mail communication 
by others is strictly prohibited. If you are not the intended recipient, please notify us immediately by returning this 
message to the sender and delete all copies. Thank you for your cooperation.



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Boyd, Daniel
Sent: Monday, January 25, 2021 11:19 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Retiree email

External Email: Do not click any links or open any attachments unless you trust the sender and know the content is safe.


For those of you who provide retirees email (if anyone else is crazy enough to do so besides us), I have some questions:

  1.  Do you keep them in your primary email system/tenant (Exchange, O365, GSuite, etc)?currently yes, looking to 
provide at maximum email only
  2.  If you keep them in your primary system/tenant, do you require them to use MFA (assuming you require it for your 
active community)?one of the concerns and reasons we are looking to drop.  The costs and support
  3.  Do you change their address, i.e. add "emeritus" or "retiree" to the email domain? Again something we are looking 
at.  Currently emeritus keep the same account.  Retirees are changed to include a preceding  "r"

We're getting to the point where we are about to activate MFA on retirees and emerita and the apprehension of trying to 
teach some of these users how to use MFA has our support teams on pins and needles, so we're looking for alternatives.  
This and privacy rights are the reasons we are looking at the same


You are welcome to reply directly to me or to the list.

Thanks,

Dan


Daniel H. Boyd (94C)
Director of Information Security
Office of Information Technology
Information Security Advisory Group Chair
Berry College
Phone: 706-236-1750
Web: https://infosec.berry.edu<https://infosec.berry.edu/> & https://berry.edu/oit/information-security

There are two rules to follow concerning your account passwords:
1. NEVER SHARE YOUR PASSWORDS WITH ANYONE (EVEN OIT!!!!)
2. If unsure, consult rule #1

Information Security wants to know what you want to know about! If there is a topic within information security you 
would like to know more about please let me know using any of my contact information above.





**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community