Re: Physical Key Management

[Dan Wasson <dan () NMC EDU>]

We use the Morse Watchmans KeyWatcher system.  This is centrally managed by
our Facilities department (they have their own box), and I have 5 boxes
located at various campuses and locations.  We have been using it for
several years and it works quite well.  You can set each individual's
access ability to specific keys or all keys.  When a key is requested that
is out, it tells you on the panel who has the key.

Dan


*Dan Wasson*
*Director Systems & LAN Management*
*Northwestern Michigan College*
*231-995-1164*
*dwasson () nmc edu <dwasson () nmc edu>*

*Don't be a scam victim - NMC and other reputable organizations will never
use email to request that you reply with your password, social security
number or confidential personal information.*


On Fri, Aug 16, 2019 at 10:26 AM Jacobs, Mike <mjacobs () oglethorpe edu>
wrote:

> We have a lockbox in IT with only 2 Sr. IT members having access. Those
> members handout the keys to other members.
>
> Get Outlook for Android <https://aka.ms/ghei36>
>
> ------------------------------
> *From:* The EDUCAUSE Security Community Group Listserv <
> SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Kimmitt, Jonathan <
> jonathan-kimmitt () UTULSA EDU>
> *Sent:* Friday, August 16, 2019 10:20:21 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
> *Subject:* [SECURITY] Physical Key Management
>
>
> Hi all,
>
>
>
>   I’m curious on what people have had success with for physical key
> management?
>
>
>
> Specifically the master & grandmaster keys that the IT department uses to
> get into buildings, offices,  and residential areas, so they may work on
> the network, computers, etc.?
>
>
>
> We have tried a few things in the past, and are looking for something new:
>
>
>
> -          Check out system at your Campus Security/Facilities
> department?  (Staff are extremely resistant to this)
>
> -          Physical key management lock box (that only allows each person
> only their assigned key)  (This can be very expensive)
>
> -          Regular lockbox (the hanging tag type, that anybody could take
> anything from the box)?   (Our current setup)
>
>
>
> Specifically, we have concerns on a couple of issues….
>
>
>
> 1.       Technicians/engineers taking keys home
>
> 2.       Technicians taking keys that are not assigned to them
>
> 3.       Technicians taking keys that have greater access than they are
> approved for
>
>
>
> Is this an issue at other institutions?  Has anybody found a good balance
> between security and convenience?
>
>
>
> -Jonathan
>
>
>
>
>
> ~
>
> Jonathan Kimmitt
>
> CISSP, PCIP, CEH, CIPM, GPEN, CIPT, CIPP/E
>
> Chief Information Security Officer
>
> Information Technology
>
> The University of Tulsa
>
> 918.631.2743
>
> jonathan-kimmitt () utulsa edu
>
>
>
>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community