washingtonpost.com — "Universities have become attractive targets for hackers who are taking advantage of the openness of the schools' networks, their decentralized security and the personal information they keep on millions of young adults. Universities account for more than 50 data breaches on a list of more than 300 so far this year."
Dec 17, 2006 View in Crawl 4
gregmsDec 18, 2006
My university created a id number to replace using SS numbers on everything. However, for any paperwork you were filling out with the university, not only now did you still have to put you SS number on it, now you had to include this new number as well.
mattman59Dec 18, 2006
Scary Stuff.
matriumDec 18, 2006
I am glad to see mainstream media shed light on the problem of information security at colleges and universities. However, the number of incidents is much higher then the state 50. According to my research, the number of incidents tops 70 this year alone. The problem is that data breaches only account for some, but not all record exposure and data loss. Incidents such as theft or loss of equipment and accidental exposure over e-mail or the Internet also happen quite frequently at colleges and universities around the world. I have worked to compile information and links to such incidents at <a class="user" href="http://www.adamdodge.com/esi">http://www.adamdodge.com/esi</a> and I encourage anyone that works in higher education or is a current college student to take a look.
Closed AccountDec 18, 2006
One of the contracts I'm working now has a customer in a similar situation. They're handling a great deal of privacy act data. Simple solutions are elusive. We can create a global unique identifier and store privacy act data on an encrypted partition easy enough, but then you need a mechanism to access the privacy store. We use two factor authentication but users can defeat that by copying data to spreadsheets and word processor documents, which they do claiming accessing the privacy store is inconvenient. So, sure, the consultants can cover their butts and it does prevent hundreds of thousands of records from walking off on a laptop, but it still doesn't provide the security for privacy act data I'd want if it was my data in there. I'm trying to come up with an information layering schema that limits the number of administrator level users at every tier, getting more Death Star as the information gets more valuable. But trying to make that invisible to the user has thus far proven difficult.And this customer cares. Imagine what it must be like at companies that don't give a crap. And until there are heavy fines for losing privacy act data they're not going to care.
oneiroiDec 18, 2006
It's a valid concern, but I always thought at my University it was the most over secure password-wise. They made you use a password that would chance monthly, where you'd have to start with a number, use a punctunation mark, they'd check to make sure it was a non dictionary word, and you couldn't repeat passwords. And really it was one of the things I probably wouldn't care about if someone hacked into. There were stringent rules about using SS as your student ID, so that wasn't really a problem.
glock22ownrDec 18, 2006
... and that is why he is management ...
skicoDec 18, 2006
During my sophomore year at University of Colorado (I graduated '06) they stopped using SSN's as the student ID number and just assigned everyone some arbitrary number. No one could remember their new "more secure" number and had to write it down on everything just so that you could find a copy when you needed it. Not sure which is better.
mitreboxDec 19, 2006
i think a good fark headline would also mention "gravity discovered! Woot!"
nicktrippDec 19, 2006
Federal law now prevents universities from using SSN's as student ID numbers. If anyone's school is still doing that, you need to take appropriate steps to report them immediately.
Closed AccountDec 19, 2006
You do not need to search for working free web proxies. All is here.Find free web proxy for desired country! All proxies are regulary checked if they still alive.<a class="user" href="http://getproxy.emigrantas.com">http://getproxy.emigrantas.com</a>enjoy it!