Security Standard related course

Since this is a Security Standard related course and you’re taking it at a University, it seems apropos to address the FERPA regulations. The FERPA regulations are federally sponsored and help to protect information that students have on file with colleges, schools, Universities, etc. Initially, the parent’s rights for the privacy of this information are covered. When a student turns 18 years old, the rights transfer to the student and the parent loses all rights associated with that individual’s information. This transfer of rights can also take place when a high school students moves into a higher education institution but may not meet the 18 year age requirement. The individual holding these rights has the right to review the documents on file with the institution at any time. This includes ALL information pertaining to the student. The school, however, is not required to provide copies. The individual holding the rights has the right to request the school correct records it holds on the student that are believed to be incorrect. If the school resists, there can be a hearing on the matter. After the hearing, if the school STILL decides there is no error, a record can be placed in the file by the individual stating the point of contention. This is in case anyone reads the file later; they can see both sides of the issue. Written permission must be obtained, in MOST cases before releasing any information related to a student. In cases of law enforcement, this doesn’t always hold true. Another avenue is when a directory listing is made telling student name, address, phone, honors, etc. However, the school IS required to notify students and parents about these actions in advance, allowing enough time to deny the action if warranted. Now when we take all of this information and start considering, what does this mean to UAT as an institution and our networks? A compromise of the UAT administrative systems would mean what? A loss of company information? Perhaps. A loss of student information? Possibly. A loss of credibility? Probably. (UAT= University of advancing technology) Now, along with every other security standard, we’re studying, you’ve probably started to notice a severe lack of details concerning technical security implementations to protect information. There are lots of fines, penalties, and what-ifs, but not real structured guidance. So in order to avoid these bothersome things, the institution is left with individuals such as yourself to give them advice on securing their networks and systems in order to protect their student information.