Educause Security Discussion mailing list archives
Re: Calea question
From: Greg Schaffer <newtnoise () GMAIL COM>
Date: Thu, 6 Dec 2012 20:05:17 -0600
I believe one criteria we measured by when I was at a university was whether the network access was incidental to the general intent of the network. In other words, if the network primarily existed to service learning needs (even in dorms), then guest access was incidental to the actual network, and therefore the tapping provisions for CALEA did not apply at the university network level. So far as I know CALEA has never been tested/challenged post revisions a few years ago; anyone know otherwise? Greg Schaffer -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tracy Mitrano Sent: Thursday, December 06, 2012 7:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Calea question There are essentially two prongs to the test: 1. Is it a network that sells services to the public (not provides guest access, but sell services, or in the case of municipal access it would have to be to the entire municipality)? 2. Is technical access direct to the Internet or does it go through designated "pipes"? If the answer to either of these questions is yes, then CALEA may apply; if not, it is a private network and does not have to comply with the law. Tracy On Dec 6, 2012, at 7:26 PM, Kenneth G. Arnold wrote:
It is my impression that as long as you limit access to only certain
people on your network it is still considered to be a private network. The person has to request something from the school in order to gain access to the network. In the case of a family the family member who is a student is requesting access for the rest of the family and the school grants that permission. This is not the same as the other members of the family just coming to the campus and immediately getting access to the network without any prior permission. Don't you have outside groups coming to your campus for meetings and expecting network access when they are present? The school most likely grants them access but they have to request the access. They are not students, faculty or staff either.
________________________________________ From: The EDUCAUSE Security Constituent Group Listserv
[SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Mark Reboli [mreboli () MISERICORDIA EDU]
Sent: Thursday, December 06, 2012 3:58 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Calea question How do you handle giving access to wives or children of employees while
maintaining CALEA compliance? For example if you have a married couple on campus the wife is a student and thus providing her access is still a private network. If you provide her husband access, or their teen child of which neither the husband or teenager are students or employee does this then mean that you have to declare your network public and thus complete the compliance piece for CALEA?
[MU_Arches_90] Mark Reboli Network/Telecom/IT security Manager Misericordia University 570-674-6753
Current thread:
- Calea question Mark Reboli (Dec 06)
- Re: Calea question Kenneth G. Arnold (Dec 06)
- Re: Calea question Tracy Mitrano (Dec 06)
- Re: Calea question Greg Schaffer (Dec 06)
- Re: Calea question Tracy Mitrano (Dec 06)
- Re: Calea question Kenneth G. Arnold (Dec 06)