[unisog] Creating standard edu policies

David Brumley dbrumley at rtfm.stanford.edu
Mon Aug 6 18:10:36 GMT 2001

I think I would answer no.  Each university has a different set of
lawyers who look at the policies in terms of liability.  Each is going
to have their own idea as to where the ToS/AUP should protect the
university, and where it does not.

I don't believe most universities have even considered whether or not
they fall under the ISP clause of the DMCA. 

In other words, technology is not necessarily the entire motivation
for policies.  I have seen at most conferences, however, tutorials on
what you should consider in your policies.  Those tutorials often
appear under the guise of "legal issues".  


> Excellent idea.  
> I've seen similar discussions at the last couple of SANS I've been to (and
> other CSIRT team members here have been to). Anyone know what status that
> has? It might be a good place to start...
> Jim
> ========================================
> James E. Martin        
> University of Missouri System                   
> MOREnet Network Security Coordinator                      
> ========================================
> -----Original Message-----
> From: Mary M. Chaddock [mailto:chaddock at acu.edu]
> Sent: Friday, August 03, 2001 10:10 AM
> To: unisog at sans.org
> Subject: [unisog] Creating standard edu policies 
> Hash: SHA1
> I would like to toss an idea on the table.
> We should all understand by now the importance of having official
> technology policies. I'm primarily talking about Appropriate Use Policies.
> I've been reading some of the various .edu usage policies and have
> found them to me very similar.  However it is obvious that some are much
> better prepared and thought out.
> What I am wondering is if it would be possible for the Universities to
> come together and create an ubiquitous policy or policies.
> Any thoughts?
> Also.. I must give kudo's to Yale.  Their policy
> (http://www.yale.edu/policy/itaup.html) is one of the best I have seen.
> Mary M. Chaddock  (chaddock at acu.edu)
> Network Security Administrator
> Abilene Christian University
> Abilene, Tx.
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> iD8DBQE7ar7Pmmza7msOBW0RAlGhAJ9m2TDruIyOTjRoCF6rRN5G7yp5fgCgxvOb
> 65NqzwaPp/mqwtJGnTk6i1k=
> =eNkl

David Brumley - Stanford Computer Security -   dbrumley at Stanford.EDU
Phone: +1-650-723-2445           WWW: http://www.stanford.edu/~dbrumley
Fax:   +1-650-725-9121  PGP: finger dbrumley-pgp at sunset.Stanford.EDU
Life is a whim of several billion cells to be you for a while.

More information about the unisog mailing list