Home > TechTalks > Events Archive > TechTalks Event

TechTalks Event

The Top Ten User Mistakes that Make Security Tough!

with guest expert Mark Bruhn, of Indiana University

November 2, 2000

Audio
  • Streaming MP3
  • Download MP3 (Download Tips)

Transcript

The archived audio, and then the edited transcript, of this event will be available from this event page soon. Bookmark us!

How would you like to be the Information Technology Policy Officer at a top IT school which has "issues" like Napster to deal with? What kinds of things do students and other users do that create security problems? Here are Mark's "Top Ten." Let us know what you would add to the list, or comment on these, by sending a message to expert@cren.net. We'd also like it if you could share the URL to your institution's policy about these kinds of security issues. Thanks in advance.

Mark's Top Ten
  1. Installing unnecessary programs and services.
  2. Not keeping current on software patches, especially security related ones.
  3. Not installing anti-virus software and keeping its virus patterns current.
  4. Opening e-mail attachments from unknown people.
  5. Bringing up lab (test) machines and forgetting about them.
  6. Lack of adequate training to administer the system.
  7. Inadequate handling of sensitive data (gathering more than what they need, keying files off of SSN, etc.)
  8. Not deploying encryption where available.
  9. Propagating virus hoax and chain mail.
  10. Sharing passwords.
Plan now to send in your questions to expert@cren.net and join Technology Anchor Howard Straus and Co-Host Judith Boettcher on Thursday, November 2 at 4:00 pm Eastern time as they commiserate with guest expert Mark Bruhn about the the user mistakes that make IT security on campus a tough job.

Guest Expert

Mark Bruhn is Information Technology Policy Officer for all of Indiana University's campuses. He is a recognized leader in information technology administration with significant experience and notable expertise in information technology policy and security issues. Mark has been with the central information technology organization at IU since 1985. During that time, he had a management role in most aspects of computing services in support of the business processes used by all eight IU campuses, including experience with the operational aspects of applications development, security administration, database administration, computer operations and information services.

Co-Hosts

Howard Strauss, Manager of Academic Applications at Princeton University, is TechTalk's Technology Anchor.

Co-Host Judith Boettcher is CREN's Executive Director. Together, Howard and Judith will ask the really tough questions—and relay the questions you email to them at expert@cren.net.

Background & Resources

Previously-archived CREN Tech Talks, with streaming audio, transcribed audio to read, and hyperlinked resource lists, are great, bookmarkable resources. Here are hyperlinks to some earlier CREN events about wireless networking (most recent first). Remember, most archived Tech Talk includes an audio archive, an edited transcript of the audio, and the hyperlink resources from the event document. Mark Bruhn has been a guest at several previous Tech Talks.

Then, if your forte is policy issues, the newly-formed Association of College and University Policy Administrators (ACUPA) welcomes new members who wish to help identify current and emerging institutional policy issues, as well as benchmark good policy processes (development, approval, and distribution).

Mark has shared the URL for his University IT Security Office list of sites focusing on computer security, and vendor-supplied patches for various security-related software and operating system bugs. From that page, here are some virus-related resources:

As usual, EDUCAUSE has some useful, related resources. Here is a list of Educause policies.

EDUCAUSE also reports each year on top higher ed-related IT issues. From EDUCAUSE Quarterly, here's Checking the Radar: Survey Identifies Key IT Issues by James Roche and Top 10 IT Challenges of 2000 by Paul B. Gandel. And, a recent column in EDUCAUSE Review addressed help desk improvement issues.

A current Chronicle of Higher Education article entitled, Campus Newcomers Arrive With More Skill, Better Gear: A look at freshman computing lifestyles at 5 institutions indicates that as increasingly sophisticated freshman are arriving on campus with increasing expectations about what they'll be allowed to do with IT on campus, many of the issues Mark will address are going to become even more sensitive and urgent.

And Judith shares with us the URL of the Computer Security Institute (CIS), where staff can get good, fairly non-technological training about computer-related security issues - and, from Network Magazine, this article on how to protect against evolving intentional security attacks: Emerging Technology: Deploying an Effective Intrusion Detection System.