Talk:Information Security in Education

A Class Project
This Wikibook is an ongoing project of ED638, Information Security in Education, at Wilkes University. The information is presented from an educator's perspective with sample technical issues included. It is intended to be more an educator's guide than a technical guide.

For information about editing wikitext, explore the pages at Editing Wikitext

Most of the images in this Wikibook are found at http://everystockphoto.com and are posted under a Creative Commons Attributions license.

- Scott Garrigan, EdD - scott.garrigan@wilkes.edu --Sgarrigan (talk) 03:50, 22 June 2009 (UTC)

Unit 9 Discussion

As I was reading over the past class's work, I noticed that a missing piece in their page was "the human factor" as Schneier calls it. I would like to develop a page that discusses why good professional development and/or staff training would be necessary in a school district to keep information more secure. As Schneier (2000) says, "humans are the weakest link in a chain of security" (p. 266). Susan--Stomchak (talk) 16:21, 22 March 2010 (UTC)

Sue- this seems like a great topic to add to the wikibook. The human factor plays such a large role in security that its important to touch on --Erin Thomas (talk) 16:53, 28 March 2010 (UTC)more. Insert non-formatted text here

I think I might address security policies for mobile technologies such as phones, ipods, etc. - K. Covey

''K. Covey, thank you for looking into this topic. I believe that districts need to start addressing possibly using letting students using mobile technologies for class work.''--Stomchak (talk) 15:10, 27 March 2010 (UTC) K. Covey- this is a good idea to focus on. Mobile technologies are so widely used today and I haven't seen much information on security policies for these types of devices.--Erin Thomas (talk) 16:53, 28 March 2010 (UTC) K. Covey - I would love to read about the topic of cell phones in relation to education since I am considering having my students use their cell phones in the classroom. - D. Kellner

I'd like to devote my topic to malicious software, viruses, worms, trojan horses, etc. Ch 10 of Schneier's book and Ch 4 of Computer Security Basics both have good info, and there are more resources available. - D. Mulherin Dean: This is a great topic. I can use some resources for this b/c I am not very familiar with this.

--Thomernie (talk) 14:23, 27 March 2010 (UTC)For my wiki page I would like to focus on network defenses such as firewalls, DMZs, email security, etc. Erin--Thomernie (talk) 14:28, 27 March 2010 (UTC)

Help! I have no idea what I would even consider addressing. I will think some more, but any ideas would be appreciated. - D. Kellner

What about a page devoted to case studies in information security?--Stomchak (talk) 15:10, 27 March 2010 (UTC)

What a great idea. This would help schools understand the risks from the point of view of what has happened previously. Thank you so much. - D. Kellner

How about something with encryption and or cryptography. I found these topics to be somewhat difficult to understand so maybe putting some of the information in layman's terms would help visitors to this wikibook.--Erin Thomas (talk) 16:53, 28 March 2010 (UTC)

Thanks, but unfortunately, I also found these topics, although fascinating, difficult and foreign. I don't think I would be able to do a good job making them easy to understand. - D. Kellner Darlene: Why don't you look at social websites and the policies developed for schools? This is a hot topic on the CFF Listserv.-KCovey I wanted to take a look at CIPA, FERPA and HIPAA in regards to school information security. I have already found some information about how each of these impact the creation and implementation of information security plans in schools. The references I have found thus far are:

References

The Childrens Internet Protection Act of 2001, Pub. L. 106-554 Sec. 1732. found at http://www.fcc.gov/cgb/consumerfacts/cipa.html

The Family Educational Rights and Privacy Act of 1974 20 U.S.C. § 1232g; 34 CFR Part 99. found at http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191 guidelines found at http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/hipaaferpajointguide.pdf Grace Surdovel

I entered, or so I thought, a post on this page several days ago. I am not sure where it went. I thought that I saved it. Oh well. I have chosen cryptography as my topic. From the first mention of it at the beginning of the course it intrigued me. I have found an excellent web site as well as 3 reference books:   ...jstempin

An Introduction to Cryptography. Retrieved March 22, 2010 from http://home.earthlink.net/~myulnir/crypt.intro.html

The Code by Simon Singh

Codes, Ciphers and Secret Writing by Martin Gardner

Applied Cryptography by Bruce Schneier

Melanie's Wikipage

Topic for Wikibook

I would like to present information on Authentication – Safeguarding passwords with today’s technology – Better Password Practices, Maintenance, and & Security

Some of the Resources where I have done preliminary reading are:

Keeping passwords secure on Blackberry Smartphones - http://www.computerworld.com/s/article/print/9165238/Five_tips_to_keep_your_Blackberry_safe?taxonomyName=Security&taxonomyId=17

Password management app for iPad - http://blogs.computerworld.com/15800/ipad_apps

Master Password Feature in Firefox - http://blogs.computerworld.com/15687/trust_no_one_and_how_it_applies_to_firefox_passwords

Facebook Password Spam - http://www.computerworld.com/s/article/9173158/Facebook_users_targeted_in_spam_attack

Create Strong passwords - http://www.microsoft.com/protect/fraud/passwords/create.aspx

Passwords on Macs - http://support.apple.com/kb/HT1352

Window tips to protect files/folders - http://www.pcworld.com/article/110663/windows_tips_passwordprotect_your_sensitive_files_and_folders.html

Protecting your computer with password - http://www.ehow.com/how_3880_password-protect-computer.html

Better password practices - http://www.symantec.com/connect/articles/simplest-security-guide-better-password-practices

Password generators - http://www.pctools.com/guides/password/

Password Advice from Schneier - http://www.schneier.com/blog/archives/2009/08/password_advice.html

Stanford University Secure Remote Password - http://srp.stanford.edu/

Duke University Password Protocols - http://security.duke.edu/password.html

Perfect Passwords Generator - https://www.grc.com/passwords.htm

NetSecurity Password Practices - http://netsecurity.about.com/cs/generalsecurity/a/aa112103b.htm

Password Security - http://www.softstack.com/

The College of New Jersey Password Protection - http://www.tcnj.edu/~it/security/passwords.html

Security Questions for Password Retrieval - http://www.goodsecurityquestions.com/

Passwords – the weakest link - http://www.denniskennedy.com/blog/2005/11/passwords_the_weakest_link_in.html

The Usability of Passwords - http://www.baekdal.com/articles/usability/password-security-usability/

Password security - http://www.password-software.com/security-articles.htm

Norton – Building a better password - http://www.symantec.com/norton/products/library/article.jsp?aid=password_secure

Password Security Articles - http://labmice.techtarget.com/security/passwordsec.htm

Password Tips - http://www.thebitmill.com/articles/password_tips.html

Passing on digital data - http://www.inc.com/magazine/20100301/passing-on-your-digital-data.html#

I would like to include the following in my wikipage:

Quote - "Strongest Security" = "Weakest Password" - http://www.thebitmill.com/articles/password_tips.html

Include strong password policies for students K-12

Include online learning opportunities about password security

Include list of books to teach password protection practices