Subject: | |
From: | |
Reply To: | |
Date: | Wed, 3 May 2006 15:28:04 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
> From: "Hilliard, Mary" <[log in to unmask]>
> Subject: Re: Toughening up Identity Theft legislation
>
> Hugh,
> As Records Management Officer of UT System (which includes UT Austin),
> I
> have used this incident as a vehicle to communicate to others in my
> organization how our recently approved Records Management Guidelines
> for
> UT System Administration
> (http://www.utsystem.edu/records/documents/
> UT%20System%20Administration%
> 20Records%20Management%20Guidelines%20041206.doc) provides a model that
> can help with the process of identifying where personal information is
> located and assigning responsibility for its protection. The thought
> processes on how IT relates to the information in its custody versus
> who
> "owns" the information are slow to change. I agree that our profession
> must take an active role in educating others to the value we can
> provide.
>
> Mary Hilliard
> Records Manager, Records Management Officer
> UT System Administration
Mary I downloaded the Records Management Guidelines and I thought it
was excellent. I think one of the concepts that records managers
adopted a long time ago of moving inactive records offsite or away from
the high use records is one that IT often ignores. Why keep Alumni
records on line constantly? I think one of the problems with evaulting
is that everything is exposed all the time or at least that is my
perception that you can bring up anything at any time. The fact that a
human has to load a tape or cartridge and review who is requesting the
information might be a valuable security step to have in the security
program. As soon as it has to be offline for security then RM should
have control of it.
Keep in mind, I was not criticizing UT for being exploited by some
computer whiz. I just read how Auburn University had a "BOT Attack"
that shut down their system. So as long as we have online computers we
are always at the mercy of the next smart kid with a new attack idea.
My post was to encourage ARMA and Records Managers to be more vocal
about what Congress is doing to the Identity Theft legislation.
But as you mentioned "
> The thought processes on how IT relates to the information in its
> custody versus who
> "owns" the information are slow to change.
But I think these instances are great talking points to involve records
management in the management of IT's records. Somehow a disconnect is
there that must be remedied.
I mean, I can understand how Auburn University could be attacked but
not my beloved UT. How can this occur when "The Eyes of Texas are upon
you, all the live long day! The Eyes of Texas are upon you, you can not
get away!"
Therefore I predict UT will catch the felon who stole our files. And
then Texas justice will occur! That's right, we will go make them live
in College Station. Oh the Humanity!
[Note: Apologies to Auburn University, Texas A&M University and the
Town of College Station]
Hugh Smith
FIRELOCK Fireproof Modular Vaults
[log in to unmask]
(610) 756-4440 Fax (610) 756-4134
WWW.FIRELOCK.COM
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
|
|
|