Home / News / Administration / Information Technology planning a revision to current security system

Information Technology planning a revision to current security system

In response to an information security audit conducted by the Board of Regents last year, VSU’s Information Technology Division is planning a revision of the current security system.
On Dec.11 of last year, Joe Newton, Director of Information Technology, reported an incident of unauthorized access to a VSU server. The server contained sensitive information on faculty from 1996 to present and student information from 1997 to present. According to a report by Thressea Boyd, Assistant to the President, the server contained social security numbers and grades. The breached server has since been removed from the network.
The breached server was not the first leak in recent history at VSU. In May 2005 there was also a breach at the VSU 1Card Services, in which the University urged those affected to place a fraud alert on their credit files.
In both cases, VSU could not determine if any personal data was transferred.
Since last year’s security, the IT has started to implement a recommended plan of action.
“Information about these actions are sensitive and confidential in order to preserve security,” said Newton.
Banner web, one of the most widely used student resources, is currently protected using an array of separate measures working together.
“Student records are secured using various means of access, database, system, and network security controls. Security is applied in the various layers of the environment in which records are stored and accessed,” said Newton.
Newton explained that VSU applies controls in each of the individual layers, but could not comment further without compromising security. For students who want to know more about their rights to privacy, a full description of what information can be disclosed is available at the VSU website under the policy index.
Under the FERPA policy, school officials with legitimate reasons are the only exceptions to disclosure without consent.
Furthermore, VSU reserves the right to publish student records to a directory which can include a student’s name, address, phone number, email address, height and weight for athletic members, class schedule, and more.
Students should take action if they believe they are a victim of unauthorized use. In the case where a student believes their information on Banner web may have been compromised, they are urged to change their password immediately and contact the Registrar. Depending on the degree of exposure, students can also place fraud alerts with the three major credit bureaus: Equifax, Trans Union, and Experian.

Check Also

Cherie’s Picks Week of 12/09

Welcome to Cherie’s Picks! I am so glad you decided to drop in. This is ...

Leave a Reply

Your email address will not be published. Required fields are marked *