E-mailing sensitive documents

[Gerry Sneeringer <sneeri () UMD EDU>]

There is a desire in some of the academic circles of our campus to
be able to safely transmit FERPA protected data to students via
e-mail.

The good news is that they understand the need to ensure that only
the intended recipient can read the message.  Unfortunately, we do
not have much in the way of a public key infrastructure in place
and are unlikely to have one any time soon due to resource
constraints.

I hope to be able to redirect these folks towards considering a
setup where their e-mail only provides a URL to a secure web page
that can be password protected and only viewed by the appropriate
party.

Have you encountered this requirement at your campuses?  If so,
would you please share the approaches that you've taken?

Thanks in advance,

Gerry Sneeringer, CISSP
IT Security Officer
University of Maryland
Office of Information Technology

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.