student systems and NIST 800-171

[Alex Jalso <ACJalso () MAIL WVU EDU>]

Hello Everyone,

In a meeting with peer institutions it was said that at the Federal level there's been discussions that university 
student information systems must treat resident data as CUI and have their systems be compliant with NIST 800-171 or 
risk losing financial aid.  Has anyone heard something similar to this or received communications about it?

Alex

Alex Jalso, PMP, CISM, CDPSE
Chief Information Security Officer
Information Technology Services
West Virginia University
p: 304-293-4457

Defend your data. ITS will NEVER ask you for your WVU Login credentials, Social Security number or credit card 
information via email. NEVER click on suspicious email links or attachments, even those that appear to be from a 
legitimate source. Hover over links to see where they really lead before clicking on them. When in doubt, contact 
DefendYourData () mail wvu edu<mailto:DefendYourData () mail wvu edu>.


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community