Re: Staff Directory on Web

[Jeremy Livingston <jlivings () STEVENS EDU>]

We moved our directory contact information behind a login page.

It's just too easy for phishing otherwise.




Jeremy M. Livingston
Chief Information Security Officer
M 973-985-4996
STEVENS INSTITUTE OF TECHNOLOGY<http://www.stevens.edu/>
facebook<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FStevens1870&data=04%7C01%7Cggorji%40stevens.edu%7C699c5195bc474e603d7d08d8763c6946%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C637389349125639671%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=1KGpGo5vEh7IOdT%2B5Yt%2BgT%2BMV3DtUpGdip4nVisQkI8%3D&reserved=0>
  *  
twitter<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FFollowStevens&data=04%7C01%7Cggorji%40stevens.edu%7C699c5195bc474e603d7d08d8763c6946%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C637389349125649665%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Bx%2BuLzfm06iTj00sT2PWyvvZ0BOoEsU84p6CBiOkhzY%3D&reserved=0>
  *  news<http://www.stevens.edu/news/>  *  
youtube<https://nam02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.youtube.com%2Fuser%2FEdwinAStevens70&data=04%7C01%7Cggorji%40stevens.edu%7C699c5195bc474e603d7d08d8763c6946%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C637389349125649665%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RSJ%2BaWOeuShz2gsnYCupqNHFh%2FVNwEp1v%2BnwG1nEydw%3D&reserved=0>


Report Phishing
To report phishing, please forward your email as
an attachment to phishing @stevens.edu. Please
click here<https://sit.teamdynamix.com/TDClient/KB/ArticleDet?ID=46729> for forwarding instructions.

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Barton, Robert W.
Sent: Thursday, June 24, 2021 1:57 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Staff Directory on Web

EXTERNAL:

Afternoon,

There is a little debate going here on IF our directory of employees (name, number, email, department) should be 
available to the web.  One side looks at it as we are being transparent, and it is good "marketing".  The other side is 
looking at it like we are releasing to much information (making it easier for a hacker to find targets) and making it 
easy for SPAMers.  Has anybody had this conversation before?  Anybody have an article that says one or the other?

As I search around, I'm seeing colleges/universities that go both ways.

Robert W. Barton
Executive Director of Information Security & Policy
Lewis University
1 University Parkway
Romeoville, IL  60446-2200
815-836-5663

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7Cjlivings%40STEVENS.EDU%7Ce28f822dcba04349b5dc08d937398652%7C8d1a69ec03b54345ae21dad112f5fb4f%7C0%7C0%7C637601542468388523%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=mjlbWVEUVtTj9n4vHXt2mk5e2%2BfFmhkx2QbHCgy%2B83w%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community