Re: Web Content Filtering

["Miller, Richard H" <rick () BCM EDU>]

Because there may be legitimate reasons for our people to visit what would be prohibited sites we modified the block 
page to allow them to use their
credentials to allow themselves access without having to go through an approval process. We do log the access and our 
compliance team will contact
the user and their administrator asking to document the reason they had to bypass.


Richard H. Miller, CISSP, IEEE(SM)
Network Security Architect
OIT-Network Engineering & Security
Office of Information Technology - Baylor College of Medicine



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tevlin, 
Dave
Sent: Wednesday, April 22, 2015 1:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Web Content Filtering

At the recent NERCOMP conference this came up in a group discussion and at one school they had filtering in place that 
served a Warning page, not a block page, with a button to proceed. This tied into their education campaign on being 
secure online and help mitigate accidental browsing to malware and other infected domain sites.

Dave Tevlin
Georgetown Visitation Prep School

On Wed, Apr 22, 2015 at 1:49 PM, Carroll, Tim <Carrolltd () roanestate edu<mailto:Carrolltd () roanestate edu>> wrote:
Don,

Here at Roane State, we filter known Child Porn sites and gambling sites.  Both of these are prohibited by State and 
Federal laws.  We rate limit file sharing sites… with the exception of sites with known malware threats, all others are 
open but monitored.

Academic Freedom, censorship and academic research are the main reasons cited by our faculty and Library staff.

Regards,

Tim
Tim Carroll
Assistant Vice President and Chief Information Officer
Information Technology
Roane State Community College

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Donald Welch
Sent: Wednesday, April 22, 2015 1:09 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Web Content Filtering

Colleagues,
I'm the new CISO for the University of Michigan.  I look forward to meeting you and working with you.  One of my first 
issues is web content filtering.

I've been asked whether any other higher education institutions implement web content filtering and if so what groups 
to you filter for and what kinds of content.  If you wish, I'd also welcome your opinion on how well it works.

This has started with our health system and my guess is that would be our focus if we went forward.  However, one of 
our Trustees has been questioning why we don't filter across the University.  I have to go to an initial meeting Friday 
afternoon, so any info you can give me before then would be much appreciated.

Sincerely,
Don

Donald J. Welch, Ph.D.
Chief Information Security Officer
University of Michigan
734-615-0334<tel:734-615-0334>

________________________________

This email is intended for the addressee and may contain privileged information. If you are not the addressee, you are 
not permitted to use or copy this email or its attachments nor may you disclose the same to any third party. If this 
has been sent to you in error, please delete the email and notify us by replying to this email immediately.