Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: SECURITY Digest - 12 Dec 2013 to 16 Dec 2013 (#2013-219)
From: Kim Cary <kim.cary () PEPPERDINE EDU>
Date: Tue, 17 Dec 2013 13:44:03 -0800

PSoft is web based. HTTPS access is allowed from anywhere.

Kim

~=|=~

Kim Cary
Chief Information Security Officer
Pepperdine University

Please process all unexpected email requests according to the skills at
phishing.pepperdine.edu - if suspicious, delete; if it seems real or you
can't decide, contact the purported sender via published phone number, web
or email address.



On Mon, Dec 16, 2013 at 9:00 PM, SECURITY automatic digest system <
LISTSERV () listserv educause edu> wrote:



---------- Forwarded message ----------
From: SECURITY automatic digest system <LISTSERV () LISTSERV EDUCAUSE EDU>
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Cc:
Date: Mon, 16 Dec 2013 21:00:03 -0800
Subject: SECURITY Digest - 12 Dec 2013 to 16 Dec 2013 (#2013-219)
There are 5 messages totalling 520 lines in this issue.

Topics of the day:

  1. Biometric Survey for Higher Education
  2. Remote access to SIS/ERP? (4)


---------- Forwarded message ----------
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
To:
Cc:
Date: Mon, 16 Dec 2013 09:59:19 -0800
Subject: Re: Biometric Survey for Higher Education
Please consider completing the biometrics survey below. Kevin needs 40
more responses (90 total). Your input is appreciated and may help us
publish a new ECAR paper for the higher ed infosec community.
Best,
Valerie


Valerie Vogel Program Manager

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | main: 202.872.4200 | educause.edu



On 11/23/13 8:24 AM, "Mclaughlin, Kevin (mclaugkl)"
<mclaugkl () UCMAIL UC EDU> wrote:


Hi Everyone:

A lot of you probably know me from my time and contributions back when I
was the CISO at the University of Cincinnati, a role I have since moved
on from.  I am still active in higher education and in Cyber Security as
I am on my 23rd year as an adjunct for various colleges.  I am finally
finishing up my dissertation work in Cyber Security and was hoping that
each of you would be willing to help me accomplish this life goal by
completing the survey at the link below.

The survey is 16 questions in likert (agree/disagree) format and a
couple of demographic questions.  In the pre-test it literally took most
people less than 8 minutes to complete the instrument.  So, I am asking
for 8 minutes of your time.  I also am very much aware of the worlds most
popular radio station WIIFM (what's in it for me)  :-)   - the kind folks
at ECAR have agreed, as long as it is deserving,  to publish my research
so that it can benefit and be shared across our community (thank you
Joanna and Valerie!).   Yes,  I have passed IRB approval,  pre-test
review, field trial, etc.  and now I am ready to collect results from the
actual instrument.

Here is the link to the instrument and I look forward to see what our
community is thinking in this space.

                     ..
https://www.surveymonkey.com/s/Biometrics_HigherEducation_klm

Warm Regards,

- Kevin


---------- Forwarded message ----------
From: Theresa Rowe <rowe () OAKLAND EDU>
To:
Cc:
Date: Mon, 16 Dec 2013 12:33:01 -0800
Subject: Re: Remote access to SIS/ERP?
We o, through VPN.

Theresa

On Monday, December 9, 2013, David Curry wrote:


Hi,

Looking to answer the "well, what do other schools do?" question here...

Do you allow remote access to Banner (or whatever system you use) for
employees working from home, on the road, etc.? If so, how are you doing it
-- VPN, VDI, Citrix or similar, LogMeIn/GoToMyPC, over the open Internet,
etc.? And do you require any additional authentication (such as two-factor
authentication)?

Do you have a reporting instance (Argos, Hyperion, etc.) attached to
Banner (or whatever system you use)? If so, so you allow remote access to
that, and if so, how (same questions as above)?

Thanks,
--Dave


--

*DAVID A. CURRY, CISSP* • DIRECTOR OF INFORMATION SECURITY

*THE NEW SCHOOL* • 55 W. 13TH STREET • NEW YORK, NY 10011

+1 212 229-5300 x4728 • david.curry () newschool edu



--
Theresa Rowe on the road


---------- Forwarded message ----------
From: "Miller,James R" <millerj () UAKRON EDU>
To:
Cc:
Date: Mon, 16 Dec 2013 13:06:39 -0800
Subject: Re: Remote access to SIS/ERP?
We use BPN

Sent from my iPhone

On Dec 16, 2013, at 3:34 PM, "Theresa Rowe" <rowe () OAKLAND EDU> wrote:

We o, through VPN.

Theresa

On Monday, December 9, 2013, David Curry wrote:


Hi,

Looking to answer the "well, what do other schools do?" question here...

Do you allow remote access to Banner (or whatever system you use) for
employees working from home, on the road, etc.? If so, how are you doing it
-- VPN, VDI, Citrix or similar, LogMeIn/GoToMyPC, over the open Internet,
etc.? And do you require any additional authentication (such as two-factor
authentication)?

Do you have a reporting instance (Argos, Hyperion, etc.) attached to
Banner (or whatever system you use)? If so, so you allow remote access to
that, and if so, how (same questions as above)?

Thanks,
--Dave


--

*DAVID A. CURRY, CISSP* • DIRECTOR OF INFORMATION SECURITY

*THE NEW SCHOOL* • 55 W. 13TH STREET • NEW YORK, NY 10011

+1 212 229-5300 x4728 • david.curry () newschool edu



--
Theresa Rowe on the road



---------- Forwarded message ----------
From: "Miller,James R" <millerj () UAKRON EDU>
To:
Cc:
Date: Mon, 16 Dec 2013 13:08:38 -0800
Subject: Re: Remote access to SIS/ERP?
Sorry, meant to type VPN. Darn these small keyboards.

Sent from my iPhone

On Dec 16, 2013, at 4:07 PM, "Miller,James R" <millerj () uakron edu> wrote:

We use BPN

Sent from my iPhone

On Dec 16, 2013, at 3:34 PM, "Theresa Rowe" <rowe () OAKLAND EDU> wrote:

We o, through VPN.

Theresa

On Monday, December 9, 2013, David Curry wrote:


Hi,

Looking to answer the "well, what do other schools do?" question here...

Do you allow remote access to Banner (or whatever system you use) for
employees working from home, on the road, etc.? If so, how are you doing it
-- VPN, VDI, Citrix or similar, LogMeIn/GoToMyPC, over the open Internet,
etc.? And do you require any additional authentication (such as two-factor
authentication)?

Do you have a reporting instance (Argos, Hyperion, etc.) attached to
Banner (or whatever system you use)? If so, so you allow remote access to
that, and if so, how (same questions as above)?

Thanks,
--Dave


--

*DAVID A. CURRY, CISSP* • DIRECTOR OF INFORMATION SECURITY

*THE NEW SCHOOL* • 55 W. 13TH STREET • NEW YORK, NY 10011

+1 212 229-5300 x4728 • david.curry () newschool edu



--
Theresa Rowe on the road



---------- Forwarded message ----------
From: "Hanson, Mike" <mhanson () CSS EDU>
To:
Cc:
Date: Mon, 16 Dec 2013 13:43:42 -0800
Subject: Re: Remote access to SIS/ERP?
Dave,

We do allow access to Banner and the reporting component via VPN with dual
factor authentication.

Mike

Mike Hanson, CISSP
Network Security Manager
The College of St. Scholastica
Duluth, MN





On Mon, Dec 16, 2013 at 2:33 PM, Theresa Rowe <rowe () oakland edu> wrote:

We o, through VPN.

Theresa

On Monday, December 9, 2013, David Curry wrote:


Hi,

Looking to answer the "well, what do other schools do?" question here...

Do you allow remote access to Banner (or whatever system you use) for
employees working from home, on the road, etc.? If so, how are you doing it
-- VPN, VDI, Citrix or similar, LogMeIn/GoToMyPC, over the open Internet,
etc.? And do you require any additional authentication (such as two-factor
authentication)?

Do you have a reporting instance (Argos, Hyperion, etc.) attached to
Banner (or whatever system you use)? If so, so you allow remote access to
that, and if so, how (same questions as above)?

Thanks,
--Dave


--

*DAVID A. CURRY, CISSP* • DIRECTOR OF INFORMATION SECURITY

*THE NEW SCHOOL* • 55 W. 13TH STREET • NEW YORK, NY 10011

+1 212 229-5300 x4728 • david.curry () newschool edu



--
Theresa Rowe on the road





  By Date           By Thread  

Current thread:
  • Re: SECURITY Digest - 12 Dec 2013 to 16 Dec 2013 (#2013-219) Kim Cary (Dec 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]