Educause Security Discussion mailing list archives
Re: Guidelines for Deans
From: InfoSec <infosec () UGA EDU>
Date: Thu, 4 Dec 2003 08:10:59 -0500
I agree, the ISAlliance docs are good for upper-management and reference... Gatewood UGA - Chief Information Security Officer "Without authentication, user identification has no credibility." ============================================ DOD Password Management Guideline -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Hart, Lee Anne Sent: Wednesday, December 03, 2003 1:46 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Guidelines for Deans This site has two downloadable .pdf files titled Common Sense Guide for Senior Managers and Common Sense Guide for Home and Individual Users. They both have some very good information. http://www.isalliance.org/ The links are on the left hand column of the webpage. Lee Anne -----Original Message----- From: Herbert Baines III [mailto:herbert.baines () OIT GATECH EDU] Sent: Wednesday, December 03, 2003 1:33 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Guidelines for Deans Good afternoon, We are in the process of drafting a "short" information security guideline document for our Deans and I want to solicit information from this community on the subject. The guidelines are to be at a high level, yet meaningful - what should the Deans do to ensure a secure environment, - what guidance should they give to the school Chairs, - how can they achieve security goals.......what are the appropriate management controls (in an open architecture with a lot of school-level autonomy...? We have existing policies and procedures that were approved in our top-level policy (below) and of course we review information from Educause, NIST and other security organizations (see below), but condensing all that information into a single (short) todo document for the Deans is a challenge. Any pointers or assistance you can offer would be greatly appreciated. http://www.security.gatech.edu/policy/general_measures.html http://www.security.gatech.edu/policy/usage/policy.html#6.5 http://www.security.gatech.edu/architecture/system_administration/ http://www.cisecurity.org/ <http://www.nist.gov/cgi-bin/exit_nist.cgi?url=http://www.cisecurity.org /> http://csrc.nist.gov/ http://www.educause.edu/security/ Best regards, -Herb Herbert Baines, CISSP, CISA Director, Information Security Office of Information Technology Georgia Tech Atlanta, GA 30332 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Guidelines for Deans Herbert Baines III (Dec 03)
- <Possible follow-ups>
- Re: Guidelines for Deans Lance Jordan (Dec 03)
- Re: Guidelines for Deans Hart, Lee Anne (Dec 03)
- Re: Guidelines for Deans Brian Reilly (Dec 03)
- Re: Guidelines for Deans InfoSec (Dec 04)