Association of Research Libraries; <http://www.arl.org/>EDUCAUSE; <http://www.educause.edu/>
    
CNI - Coalition for Networked Information; <http://www.cni.org/>
 
About CNI
Task Force Meetings
Conferences
Presentations and Publications
Projects
CNI Collaborations
Site Map
Google

www.cni.org
the web

Information about CNI RSS news feed.
 

Project Briefing: Spring 2004 Task Force Meeting
----------

 

Security and Privacy:
Workstation Authentication and Records Retention

Lori Driscoll
Associate University Librarian and Chair of Access Services
University of Florida

Peter Murray
Assistant to the Director for Technology Initiatives
University of Connecticut

Gordon Wishon
CIO, Assoc. Vice President & Assoc. Provost
University of Notre Dame



Efforts to secure computers and networks and the development of corresponding policies and procedures that appropriately protect user privacy present difficult challenges for libraries and institutions of higher education. These policies are of increasing importance due to security concerns, legislation such as the USA PATRIOT Act, and the changing licensing requirements of software and database vendors.

The Association of Research Libraries (ARL) recently published two reports examining patron privacy and authentication of public workstations. The study on patron privacy revealed a wide variety of retention guidelines and few specific privacy policies. Librarians in general were unaware of which records their institution retained and for what length of time and did not fully understand the technological issues related to purging data from computers. The second study showed that there is little consensus on how to handle authentication of public access workstations. Some libraries have policies independent of their institutions' IT security policies, while others defer to their institutions' policies. The same issues confound efforts to secure workstations in computer labs, classroom PCs, public kiosks, hardware that is loaned or shared among multiple users, and wireless network access.

This briefing will explore the ARL reports and related campus challenges in light of the "Principles to Guide Efforts to Improve Computer and Network Security for Higher Education" developed by the EDUCAUSE/Internet2 Computer and Network Security Task Force in 2002.

Web Links:
http://www.arl.org/spec/SPEC278WebBook.pdf
http://www.arl.org/spec/SPEC277WebBook.pdf
http://www.educause.edu/security

Handout:
Security and Privacy: Workstation Authentication and Records Retention (DOC)

Presentation:
Security and Privacy: Workstation Authentication and Records Retention (PDF)




Spring 2004 Meeting Home Page     Spring 2004 Project Briefings     Spring 2004 Schedule
 

© 2008 Coalition for Networked Information. All Rights Reserved.
Last updated Monday, April 26, 2004.