Saturday at 8:32pm, Oscar Schultz said:
The data is not ours. The data is solely the Church's. They are responsible
for it. We are responsible to guard the data by following the Church
guidelines as closely as possible. Where there is a question we should error
on the side where the data is not disclosed, regardless of the perceived
benefit, need or personal opinion. If you are aware of an unauthorized
disclosure or unauthorized use you should (must) report the disclosure or
use to the appropriate Church authority.
I agree. Safeguarding it is a very serious matter.
Today at 7:47am, Arthur Westover said:
1. Palm files. Since MLS gives you the option of
exporting it for handhelds, methinks they approve it.
Exactly.
Be careful. Only release the data on need to know basis. If they don't have
personal access to the data inside of MLS don't bypass the MLS controls - no
access, no data. Train everyone you give data to. If you print it shred it.
If you have a ecopy, protect it and wipe it when you are done. I hope you
have linux and 500 permissions on the file. Wipe is a special delete tool -
read the man page and use it or something better.
Of course. Only people with Administrator permission in MLS are allowed to
export, and they should of course be extremely careful what they pass
along to others. I can't think of many people that would need an e-copy of
the data that don't already have Admin access, so passing it along should
be very carefully considered.
2. Our stake center has broadband and wifi for what
that's worth.
Ours too. (Ours is because of our family history center, but they did wifi
to the clerk's offices for some reason. I love it, but it doesn't jive
with what the handbook says about clerk's offices not having internet
access.)
Talk to the Stake Clerk, the Ward Clerk, the Bishop, and the Stake President
ASAP or sooner. You have to ASSUME all of the data on the computer has been
compromised - GET A FULL AUDIT DONE. Contact the Church immediately.
Remove the wifi card from the computer immediately with the Stake Clerk
present.
Now hold on a minute here. The Church was the one that sent people to come
and install the WiFi. They installed the DSL, the firewall (Cisco PIX500,
IIRC), and the wifi APs and in all the office computers, including the
AEGIS software to be able to use the wireless in the first place. We have
no reason to believe that anything has been compromised. The Stake
President, Stake Clerk, Bishops, and Ward Clerks are all aware of the
situation, as is the Church, since they installed it.
Perhaps we're a test site, I don't know. In any case, being able to use
lds.org and our stake/ward web sites from the office is _extremely_
helpful, and I'm very glad we have the internet access.
Don't even consider remote access. IF the Church ever permits it they will let
you know how to do it. Be patient - the data belongs to the Church and the
Church is responsible to keep the data secure. Unauthorized disclosure of
PERSONAL data, especially a child's data, COULD cause a great deal of harm to
the Church.
Exactly.
Mac
--
Mac Newbold MNE - Mac Newbold Enterprises, LLC
[EMAIL PROTECTED] http://www.macnewbold.com/
_______________________________________________
Ldsoss mailing list
[email protected]
http://lists.ldsoss.org/mailman/listinfo/ldsoss
