Educause Security Discussion mailing list archives

Re: Blocked URL Categories

From: "Mccormick, Kevin" <ke-mccormick () WIU EDU>
Date: Fri, 27 Oct 2017 12:40:25 -0500

You allow access because you are a higher education institution and those
are topics that need researched.

We don't filter anything here, and if we even tried to the faculty and
students would throw a huge fit.

If the AUP is a university policy like ours, I would recommend re-writing
the AUP.

Some of the older AUPs I have seen are by today's standards overly
restrictive and outdated.

Here is our AUP.

http://www.wiu.edu/vpas/policies/usage.php

Kevin McCormick
<https://www.youracclaim.com/badges/3aa51624-4156-498d-bf6f-4a61790d54cf/public_url>
Network Administrator
University Technology - Western Illinois University
KE-McCormick () wiu edu | (309) 298-1335 <3092981335> | Morgan Hall 106b
Connect with uTech: Website <http://www.wiu.edu/utech> | Facebook
<https://www.facebook.com/uTechWIU> | Twitter
<https://twitter.com/WIU_uTech>


On Fri, Oct 27, 2017 at 11:56 AM, Ronald King <ronald.king () morgan edu>
wrote:

Good afternoon,

We are a public institution in Maryland. We are being questioned by our
state auditors as to why we permit access to the URL categories
abused-drugs, extremism, hacking, and gambling when our AUP states IT
resources are not to be used for illegal activities or "for commercial,
religious, political (including activities supporting the nomination of any
person for political office or attempting to influence the vote in any
election or referendum), solicitation, or profit-making purposes."

Along with academic freedom, the perspective I have been arguing is one to
permit access to the sites. The argument is, just because a student
accesses a gambling website does not mean they are gambling.

So, my questions to the group are:

   - Do you block these URL categories by default?
   - If so, how do you address the request to research in areas that
   might require access to these URLs?
   - How did you convince the auditors it was necessary to allow access
   to these categories?

As always, responses can be addressed directly to me or via the listserv.

Thank you for your input!
*Ronald A. King, CISSP*
Chief Information Security Officer
Morgan State University Office: (443) 885-3372
1700 E. Cold Spring Ln
<https://maps.google.com/?q=1700+E.+Cold+Spring+Ln&entry=gmail&source=g>.
Email: ronald.king () morgan edu
Baltimore, MD 21251 URL: http://www.morgan.edu

*Growing the future ... Leading the world*
<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>

Current thread:

Blocked URL Categories Ronald King (Oct 27)
- Re: Blocked URL Categories John Ruggirello (Oct 27)
- Re: [External] [SECURITY] Blocked URL Categories Reyor, William F. (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
  - Re: Blocked URL Categories Jones, Mark B (Oct 27)
- Re: Blocked URL Categories Adam Maynard (Oct 27)
  - Re: Blocked URL Categories Bradley, Stephen (Oct 27)
  - Re: Blocked URL Categories Ladwig, John M (Oct 27)
- Re: Blocked URL Categories Garrett Hildebrand (Oct 27)
- Re: Blocked URL Categories Mccormick, Kevin (Oct 27)
- Re: Blocked URL Categories Ruth Ginzberg (Oct 27)
  - Re: Blocked URL Categories Ronald King (Oct 27)
    - Re: Blocked URL Categories Frank Barton (Oct 27)
    - Re: Blocked URL Categories Babak Oskouian (Oct 27)
    - Re: Blocked URL Categories Frank Barton (Oct 27)
    - Re: Blocked URL Categories Garrett Hildebrand (Oct 27)