Educause Security Discussion mailing list archives
Re: Interesting Research
From: "Von Welch (Work)" <von () VONWELCH COM>
Date: Tue, 2 Apr 2019 19:54:36 -0400
Ron, Iām curious as to your risk acceptance process around research on campus. Do your VCR/VPR or CIO play a role in risk assessment and acceptance in this case? Thanks, Von -- Von Welch Director, Center for Applied Cybersecurity Research / cacr.iu.edu <http://cacr.iu.edu/> Pervasive Technology Institute / Indiana University vwelch () iu edu <mailto:vwelch () iu edu> / (812) 856-0363
On Apr 2, 2019, at 4:01 PM, King, Ronald A. <raking () NSU EDU <mailto:raking () NSU EDU>> wrote: Fellow security pros, I have an interesting research request come in my inbox today. A researcher wants to setup a portal for students to self-register with a username and password. The kicker is passwords will be stored in plain text and collected. The premise is to gauge whether students are actually adhering to suggested practices in password design. My first reaction is ā(heck) no,ā but I realize I may be overreacting. So, I decided to see if anyone has dealt with this kind of research and how you handled it. While I see the value in the research, my security senses tell me students will be using their standard password they use for everything. Thus big risk. Feel free to contact me directly. Thank you, Ron Ronald King Chief Information Security Officer Office of Information Technology (757) 823-2916 (Office) raking () nsu edu <mailto:raking () nsu edu> www.nsu.edu <http://www.nsu.edu/> @NSUCISO (Twitter) <image001.png>
Current thread:
- Re: Interesting Research, (continued)
- Re: Interesting Research Albrecht, Travis (Apr 02)
- Re: Interesting Research Laverty, Patrick (Apr 02)
- Re: Interesting Research Barton, Robert W. (Apr 02)
- Re: Interesting Research Greg Williams (Apr 02)
- Re: Interesting Research Ashlar Trystan (Apr 02)
- Re: Interesting Research John McCabe (Apr 02)
- Re: Interesting Research Clark Gaylord (Apr 02)
- Re: Interesting Research Bridges, Robert A. (Apr 02)
- Re: Interesting Research Bridges, Robert A. (Apr 02)
- Re: Interesting Research Bridges, Robert A. (Apr 02)
- Re: Interesting Research Tanner, Andrea (Apr 02)
- Re: Interesting Research Von Welch (Work) (Apr 02)
- Re: Interesting Research John Chapman (Apr 03)
- Re: Interesting Research King, Ronald A. (Apr 09)
- Re: Interesting Research Mark Poepping (Apr 09)
- Re: Interesting Research Brad Judy (Apr 02)
- Re: Interesting Research Hiram Wong (Apr 02)
- Re: Interesting Research Gael Frouin (Apr 02)
- Re: Interesting Research Hiram Wong (Apr 02)