Educause Security Discussion
mailing list archives
Tracking use of your central credentials
From: Bob Bayn <bob.bayn () USU EDU>
Date: Thu, 20 Nov 2008 16:12:55 -0700
I thought I asked these questions before, but didn't get any response. I'll try framing them a little differently and
see if anyone has comparable issues or solutions.
We have central credentials based on our SCT Banner ID number, managed in an ldap server and on domain servers, for
authentication to a variety of services including Banner, Exchange servers, USU-branded gmail, Blackboard (cms), wikis,
bulletin boards, lab access, desktop logins, etc. We are looking for a way to track or audit the uses of our central
credentials, either individually or collectively, on all of those services.
After someone succumbs to a phishing message, we want to know when that user's credentials were used so the user can
identify instances that were not legit.
We'd like to be able to tell which credentials are being used to login from China so we can check with those users to
see if they ARE in China.
We'd like to give our users access to a log of their own recent credential transactions for their verification.
Is anybody doing anything like this? If so, how? If not, what other way is there to get the assurance that
credentials are being used only by their rightful owner?
Bob Bayn (435)797-2396 Security Team coordinator
"IT will NEVER ask for your password via email, honest!"
Office of Information Techology at Utah State University
- Tracking use of your central credentials Bob Bayn (Nov 20)