Educause Security Discussion mailing list archives
Re: Email and IAM directory separation
From: "Semmens, Theresa" <theresa.semmens () MIAMI EDU>
Date: Wed, 18 Apr 2018 12:30:16 +0000
I have to agree with Mark, trying to separate is a fruitless effort, and it will cause more consternation that it's worth. You are best to roll out the controls and standards to everyone including the students. Theresa Semmens, CISA AVP Chief Information Security Officer University of Miami Suite 1100 1320 S. Dixie Highway Coral Gables, FL O: (305) 284-1526 Theresa.Semmens () miami edu<mailto:Theresa.Semmens () miami edu> http://it.miami.edu<http://it.miami.edu/> From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Jones, Mark B Sent: Tuesday, April 17, 2018 3:37 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Email and IAM directory separation Those are good arguments, but you will be bailing water out of that sinking boat until you retire. You will have a significant amount of crossover where faculty and even students can also be clinicians. Then you have to decide if you will put them with one group or the other. Neither decision will make them happy. You might want them to use two different email addresses, but they won't. you will get clinical mail on the education side no matter how you try to keep them separate. Just raise the bar for both and keep it all together and simple. From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Bennett, Daniel Sent: Tuesday, April 17, 2018 2:07 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Email and IAM directory separation All, I left higher ed and went to healthcare a few years back. Now our health system owns a College. The topic of email and active directory has come up a few times. I would like feedback from those of you working for universities with a healthcare element and the approach you all have taken. My thought is our higher education and clinical businesses should remain separate since the level of trust, regulation, and security are different for both sectors. We should not house the email from our students & faculty at the College in the same environment as that of our clinicians and healthcare administration. Thoughts? Thanks, Daniel Bennett Enterprise Cybersecurity Architect CISSP, ISSAP, ITIL Information Security Office 100 N Academy Ave, Danville, PA 17822-2290 MC30-02 (w) 570-214-1685 [cid:image001.png@01D3BA15.F8CDC1F0]<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.proofpoint.com%2Fv2%2Furl%3Fu%3Dhttp-3A__www.geisinger.org_%26d%3DDwMFAg%26c%3D6vgNTiRn9_pqCD9hKx9JgXN1VapJQ8JVoF8oWH1AgfQ%26r%3DjgMu8DNgV_dycz0rYwkNbEQq36F0BI5_Zpblz7C5LhM%26m%3DLZFy9Agzb64ERitcli9f0c4tVBQMxrDCVZ7L1sTRlMY%26s%3D8i-NVaGZW7d23lCG6t7b993wjHBjeLx2Eg6By3LXHf8%26e%3D&data=02%7C01%7Ctheresa.semmens%40MIAMI.EDU%7C50a37f081460410f8ffd08d5a49ab002%7C2a144b72f23942d48c0e6f0f17c48e33%7C0%7C0%7C636595906703197244&sdata=hLBF4wdBE%2FXYaHGH24vdFpOP%2BYvCbuJ0ARHeZ4DJcRY%3D&reserved=0> ________________________________ IMPORTANT WARNING: The information in this message (and the documents attached to it, if any) is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken, or omitted to be taken, in reliance on it is prohibited and may be unlawful. If you have received this message in error, please delete all electronic copies of this message (and the documents attached to it, if any), destroy any hard copies you may have created and notify me immediately by replying to this email. Thank you. Geisinger Health System utilizes an encryption process to safeguard Protected Health Information and other confidential data contained in external e-mail messages. If email is encrypted, the recipient will receive an e-mail instructing them to sign on to the Geisinger Health System Secure E-mail Message Center to retrieve the encrypted e-mail.
Current thread:
- Email and IAM directory separation Bennett, Daniel (Apr 17)
- Re: Email and IAM directory separation Jones, Mark B (Apr 17)
- Re: Email and IAM directory separation Jeff Choo (Apr 17)
- Re: Email and IAM directory separation Semmens, Theresa (Apr 18)
- Re: Email and IAM directory separation Michael Schalip (Apr 18)
- Re: Email and IAM directory separation Miguel Angel Gonzalez de la Torre (Apr 18)
- Re: Email and IAM directory separation Jones, Mark B (Apr 17)
- <Possible follow-ups>
- Re: Email and IAM directory separation Davis, Chris (Apr 17)