Re: [EXTERNAL] Re: [SECURITY] Public Facing Resources

[Hazra Hadee <hah2008 () QATAR-MED CORNELL EDU>]

Hi,

This is what we do:

Use cases that have been presented:

  *   Prospective Students (needing to fill out paperwork) - all paperwork done online.


  *   Visiting Professors (may need access to print as well) - we have couple of visiting faculty office with computers 
and usb connected printers. Visiting faculty have network accounts and access enabled as requested by the Department.


  *   Visiting Vendors - we do not have this scenario;

For the below 3 points: you could have your network printers on a separate VLAN with restrictions. All our network 
printers are on a separate VLAN.

  *   Teacher Cohorts


  *   Community Representatives


  *   Visitors to the Library (we are a community college and allow the community to use our libraries)

Hope this helps.

Best Regards,

Hazra Hadee
ITS Administration Manager
Weil Cornell Medicine in Qatar


On 5 Aug 2021, at 12:06 AM, Shane Kroening <0000029bc930dd68-dmarc-request () listserv educause edu> wrote:


[This email was sent from a non-WCMQ email address.]
Hi Emilie,

In my experience managing public facing tech, I’ve taken two approaches:


  1.  Using generic logins, but locking them down to that specific device (or devices).
  2.  Using smartcards, PINs, or similar tech that people can checkout to be able to authenticate and get on a specific 
device (or devices).


In both scenarios we’ve also configured imaging software (deep freeze and ghost are common) to wipe the device after 
each use and deployed policies to ensure the user has limited access, session timeout, etc.

Hope that helps!
Shane

Shane Kroening  <https://www.linkedin.com/company/qualys>
<image001.png>
Technical Account Manager, Pre-Sales, Central (SLED)

skroening () qualys com<mailto:skroening () qualys com>
414.791.5674

Qualys, Inc. – Blog<https://qualys.com/blog> | Community<https://community.qualys.com/> | 
Twitter<https://twitter.com/qualys>



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Emilie Kunze 
<ekunze () AUSTINCC EDU>
Date: Wednesday, August 4, 2021 at 3:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Public Facing Resources
Hello all!

Curious how other institutions handle access to public facing technology for visitors on campuses (i.e. PC;s, printers 
etc).  We are trying to move the college away from generic logins and develop standards.

Use cases that have been presented:

  *   Prospective Students (needing to fill out paperwork)
  *   Visiting Professors (may need access to print as well)
  *   Visiting Vendors
  *   Teacher Cohorts
  *   Community Representatives
  *   Visitors to the Library (we are a community college and allow the community to use our libraries)

Thank you,
Emilie

[https://lh5.googleusercontent.com/8TGVFPsiEyy3_TXFjMAe-lCBkyXwyGevnGxIvGdvcCw3hjOZXmPHYbmZT0pi_gZG5RkwAY-Hr0A_XFdoepzZEFuNDmYnRMqD-9ud3Hyk-fMTIXJpmQ2qt5M1SGUDHcrQ6M_D9CrN]<https://austincc.edu/>

Emilie Kunze

IT Security Analyst Sr.

Acting Information Security Officer

Office of Information Technology

ekunze () austincc edu<mailto:ekunze () austincc edu>  | o 512-223-1157

ACC Information Security<https://it.austincc.edu/departments/information-security/>

      
[https://lh3.googleusercontent.com/3i9G30Fg3ZAiC3mZdiMpvQRradC3TjjCk-pdmKCGV_fzPcMSzNSQE7rf9y9DqgXUxJxxl35vf4rLx4n1kM_DpBsJJjbxv9EcmSmUwSHZdlZxsP2Dc_UngTyQv3pHCl6VhsG5Lfio]
 <https://www.facebook.com/accinfosec/>     
[https://lh5.googleusercontent.com/-i9vIi5rgXE71dcrX6-3bGqGXXd0B3y8YE4Q25USF9da5jZ2Slz-TeACb7E26aea5om8HOq35WMxxecKyIBRBaAEAipDnYr8hice3MMzGl1G-l7r9tpbmZ8S_SCmCRsTJ8yWtK3l]
 <https://twitter.com/ACCInfoSec>


                                                  CONFIDENTIAL NOTICE
This communication, including any attachments, may contain confidential information and is intended only for the 
individual or entity to which it is addressed. Any review, dissemination, or copying of this communication by anyone 
other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the 
sender by reply e-mail, delete and destroy all copies of the original message.


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community



[https://d1dejaj6dcqv24.cloudfront.net/asset/image/email-banner-384-2x.png]<https://www.qualys.com/email-banner>



This message may contain confidential and privileged information. If it has been sent to you in error, please reply to 
advise the sender of the error and then immediately delete it. If you are not the intended recipient, do not read, 
copy, disclose or otherwise use this message. The sender disclaims any liability for such unauthorized use. NOTE that 
all incoming emails sent to Qualys email accounts will be archived and may be scanned by us and/or by external service 
providers to detect and prevent threats to our systems, investigate illegal or inappropriate behavior, and/or eliminate 
unsolicited promotional emails (“spam”). If you have any concerns about this process, please contact us.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Disclaimer: This email and its attachments may be confidential and are intended solely for the use of the individual to 
whom it is addressed. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any 
other action taken in respect of this e-mail is prohibited and may be unlawful. If you are not the intended recipient, 
please notify the sender immediately by using the reply function and then permanently delete what you have received.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community