Data Security and Stewardship Committee
Cordelia Camp 101a
Thursday, January 27, 2011
Present Shea Browning, Pam Buchanan, Steve Christison, Craig Fowler,
Lisa Gaetano, Larry Hammer, Debbie Justice, Scott Koger,
Anna McFadden, Zeta Smith, Mike Stewart, Scott Swartzentruber,
and Kay Turpin
Guests Barry Bidwell, Brandy Henning, Mark Kossick, Anna McFadden
Recorder Jenny Owen
Handouts
Approval of Minutes
Student Email Upgrade





12-08-10 DSSC Minutes
Policy & Procedure Manual for Sim Lab 01.06.11
Project Proposal Summary for Enka Nursing Simulation
Simulation & Control Room Budget 01.07.11
WCU Policy 93 – Electronic Mail
 The minutes from the December 8, 2010, Data Security and
Stewardship Committee (DSSC) meeting were approved.
 Shandon Bates gave a brief update on the student email upgrade
that was successfully completed over the holiday break.
Status of DSSC-002 Policy –
Procedure for the Collection
and Securing of Electronic
Data in Potential Misuse
Situations
 Craig reported that Executive Council had approved the posting
of DSSC-002 Policy – Procedure for the Collection and Securing
of Electronic Data in Potential Misuse Situations. This policy
includes hyperlinks to University policies 85 and 52. Scott Koger
added that until we have an intranet portal, he thought it would be
better to post DSSC-002 without the hyperlinks that are currently
in the policy.
Action Item
 DSSC members approved the internal posting of DSSC-002
Policy – Procedure for the Collection and Securing of Electronic
Data in Potential Misuse Situations without the hyperlinks.
Action Item – Degaussing
Hard Drives
FERPA Data for Enka
Simulation Lab Project
Action Item
 Koger was given approval to obtain formal bids from the two
vendors he had contacted about degaussing hard drives. He will
report back to this committee when he receives the bids.
 Lisa Gaetano will work with Koger on the requirements for the
bid.
 Mark Kossick provided information to DSSC members about
how he plans to deal with data security related to the new Enka
simulation lab.
 DSSC members approved Kossick going forward with the Enka
simulation lab project--contingent on Kossick’s assurance that
Data Handling Procedures
Action Items
there are plans in place for the following: encryption for the data
store, a process for managing access keys, and a method for
secure camera feeds.
 Based on feedback from this meeting, Kossick will forward a
revised policy and procedure manual to Anna McFadden for
review.
 Gaetano and Koger said they needed more time to report on data
handling procedures from other institutions. They said they had
not received many responses to their inquiry.
 Because of the lack of information that has been received from
sister institutions, Koger will start surveying some of the National
Institute of Standards and Technology’s (NIST) documents to see
if there is information that can be used. He explained that this
would, at least, provide a baseline.
 Koger will forward, to Jenny Owen, what information he
compiles so Owen can distribute it at the next DSSC meeting.
 Data handling procedures at sister institutions will continue to be
a carry-over agenda item for the next meeting.
Status of Policy 93 –
Electronic Mail Policy
 Fowler reported that the reference to forwarding email had been
removed from Policy 93.
Action Items
 Scott Koger, Lisa Gaetano, and Shandon Bates were asked to
look into doing a full revision of Policy 93. Browning was asked
to review the policy after it has been revised. At the next DSSC
meeting, Koger and Gaetano will report on what has been done.
Status of MS Windows Live
Contract
 Shea Browning provided Debbie Justice with a copy of Chapel
Hill’s Microsoft Windows Live contract. She shared the copy
with Scott Koger and Systems & Operations for their review.
Action Item
 Justice will provide Browning with the name of a Microsoft
contact so work can begin on the renewal of WCU’s agreement
with Microsoft.
Action Item - Faculty
Member on DSSC
 Anna McFadden said she will revise university Policy 97 – Data
Security and Stewardship so that the policy will reflect the
addition of a faculty member to DSSC membership. The revised
Policy 97 will have to be presented to Executive Council for their
approval.
 Fowler asked McFadden to make certain the chair of the Faculty
Senate approved of this request before going forward.
Security for Active Directory
External Accounts
 McFadden said Browning had put together a draft end-user
agreement on how to handle external access to Blackboard. She
explained Entrepreneurship and College of Education & Allied
Professions are both very interested in doing this. It would
provide QEP opportunities where people in the community could
interact with students, and also help provide professional
development for student teachers.
 McFadden said this is only a first step. The goal will be find a
way to automate accounts in Active Directory and in Blackboard
for these end users.
Action Item - Security for
Active Directory External
Accounts
 Several end-users will be invited to the next DSSC meeting.
 The draft end-user agreement will be sent to DSSC members for
their review so it can be discussed at the next meeting.