Spring Break
University implements policy to ensure student privacy
By: Kenny Ryan
Issue date: 4/15/08 Section: News
"But with the increased level of security that is being enforced within the computer network system on campus, it doesn't meet the current standards. It may not have been any kind of a violation at the time, I believe [Munster] just wasn't aware that it was there at all.
"We certainly have been putting in place all the required security for our computing systems that have sensitive information on them. We have been getting a lot of directives from the University regarding how various files should be encrypted and how work stations should be locked, limited access and those sorts of things.
"At this department, we are making a firm and hard effort to follow all those guidelines."
The University's Computer Information Services helps departments to ensure that their data is secure.
"CIS is responsible for campuswide network security, while departments are responsible for securing their own networks and machines," said Willis Marti, director and chief officer of CIS networking and information security. "CIS provides information, security tools and assistance for departments to help them with their security responsibilities."
Marti said that due to the extraordinary amount of servers on campus, a number he estimated as in the thousands, CIS cannot check them all. Server data checking is delegated to the individual departments, to whom CIS plays a support role. Marti said CIS is continuously scanning for old data, such as that from Munster's class, using a program that scans files for SSNs and financial data.
Despite this security, CIS was not the organization to discover the security breach that dated back to 1998. The data was found by the third party organization SSNBreach.org, organized by the Liberty Coalition, a non-profit and non-partisan organization based in Washington, D.C.
The Liberty Coalition didn't have to beat all of the security protocols created by CIS at A&M to find the file. It found it the same way a student finds anything they want on the Internet - the Liberty Coalition Googled it.
"We certainly have been putting in place all the required security for our computing systems that have sensitive information on them. We have been getting a lot of directives from the University regarding how various files should be encrypted and how work stations should be locked, limited access and those sorts of things.
"At this department, we are making a firm and hard effort to follow all those guidelines."
The University's Computer Information Services helps departments to ensure that their data is secure.
"CIS is responsible for campuswide network security, while departments are responsible for securing their own networks and machines," said Willis Marti, director and chief officer of CIS networking and information security. "CIS provides information, security tools and assistance for departments to help them with their security responsibilities."
Marti said that due to the extraordinary amount of servers on campus, a number he estimated as in the thousands, CIS cannot check them all. Server data checking is delegated to the individual departments, to whom CIS plays a support role. Marti said CIS is continuously scanning for old data, such as that from Munster's class, using a program that scans files for SSNs and financial data.
Despite this security, CIS was not the organization to discover the security breach that dated back to 1998. The data was found by the third party organization SSNBreach.org, organized by the Liberty Coalition, a non-profit and non-partisan organization based in Washington, D.C.
The Liberty Coalition didn't have to beat all of the security protocols created by CIS at A&M to find the file. It found it the same way a student finds anything they want on the Internet - the Liberty Coalition Googled it.
Be sure to include your name, major, and class year. Submissions without this information are subject to deletion.
By submitting a comment, you agree to thebatt.com's Terms of Use.
You may also send a Mail Call to The Battalion at mailcall@thebatt.com