I have to agree with Nils on this one. I use to work at a college as well and rules are changing and continue to as far as how things get stored but the most important information like SS# and personal password should never be even stored in a db without encryption. It isn't even about identity theft either, you would be surprised how many 18 year old ex-girlfriends try to drop boyfriends from classes without them knowing or the guy who really wants that girls phone number to any number of countless scenarios. Colleges see it all when it comes to that stuff yet many of them seem to have some really old systems that have little to no protection run by system admins that have started programing on punch cards and think the system works just fine.
-Brian . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Posted from the new ixda.org http://www.ixda.org/discuss?post=43289 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [email protected] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
