Guidance on security of printers, scanners and copiers
Replication Device Security
The National Institute of Standards and Technology has published the internal report, Risk Management for Replication Devices
. It provides guidance on protecting information processed, stored, or transmitted on replication devices (i.e. printers, scanners, copiers, multifunction devices).
The report addresses threats and vulnerabilities including:
- Default passwords and configurations
- Unencrypted data transmission or storage
- Access control - waste of resources, denial of service, unathorized storage
- Open ports/protocols
- Outdated and/or unpatched operating systems and firmware
- Compromise (e.g. use in botnet or as relay point)
- Physical security
The report also describes security considerations throughout the system development life cycle including:
- Initiation - how the device will be used
- Development/acquisition - the necessary capabilities
- Implementation - configuration of security controls
- Operation/Mainenance - performing updates/upgrades and identifying compromise
Happy Data Privacy Day!
DPD is an international effort centered on "Respecting Privacy, Safeguarding Data and Enabling Trust.
FERPA: What You Need To Know
Student Privacy Rights
Individuals with questions regarding FERPA interpretation at McNeese State University should contact the Office of the Registrar
FERPA gives parents certain rights with respect to their children's education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level. Students to whom the rights have transferred are "eligible students."
Parents or eligible students have the right to inspect and review the student's education records maintained by the school. Schools are not required to provide copies of records unless, for reasons such as great distance, it is impossible for parents or eligible students to review the records. Schools may charge a fee for copies.
Parents or eligible students have the right to request that a school correct records which they believe to be inaccurate or misleading. If the school decides not to amend the record, the parent or eligible student then has the right to a formal hearing. After the hearing, if the school still decides not to amend the record, the parent or eligible student has the right to place a statement with the record setting forth his or her view about the contested information.