I have to agree with Nils on this one. I use to work at a college as
well and rules are changing and continue to as far as how things get
stored but the most important information like SS# and personal
password should never be even stored in a db without encryption. It
isn't even about identity theft either, you would be surprised how
many 18 year old ex-girlfriends try to drop boyfriends from classes
without them knowing or the guy who really wants that girls phone
number to any number of countless scenarios. Colleges see it all when
it comes to that stuff yet many of them seem to have some really old
systems that have little to no protection run by system admins that
have started programing on punch cards and think the system works
just fine.
-Brian
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new ixda.org
http://www.ixda.org/discuss?post=43289________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list .......
discuss@...
Unsubscribe ................
http://www.ixda.org/unsubscribeList Guidelines ............
http://www.ixda.org/guidelinesList Help ..................
http://www.ixda.org/help
