Friday, March 28, 2003
|
|
|
Cal State Moves to Close Security Loophole in Controversial Computer SystemBy DAN CARNEVALE
The California State University System is tightening security for its new administrative software system after state officials voiced concerns about a problem that gave staff members access to confidential student information, including Social Security numbers. Administrators at Cal State have known about the problem for about a year and have made employees with access to the database software sign agreements promising to keep student information confidential. But after a state audit released earlier this month criticized the new software for its security problems and cost, officials announced on Thursday that they would take extra steps to secure the information in the database. Cal State officials plan to have PeopleSoft, the company that created the software, update the database system so that students' birth dates and the first five digits of their social security numbers are blocked out. That fix should take about two months, said Colleen Bentley-Adler, director of public affairs for the Cal State System. In the meantime, university officials will double check which employees have access to the database so administrators can make sure it's limited to appropriate staff members. Those employees will sign another confidentiality agreement. "This is to really reiterate to our employees that you have secure information and you need to be careful with it," Ms. Bentley-Adler said. The new software, called the Common Management System, is designed to replace the outdated computer systems that are on Cal State's 23 campuses with one system. An audit prepared by the California Bureau of State Audits found that the Common Management System, which was projected to cost $440-million, could cost as much as $662-million to get going (The Chronicle, March 28). PeopleSoft officials have challenged the audit's criticisms and say the original cost estimate is correct. The audit also criticized the security holes in the software. "The lack of security around a search feature in the PeopleSoft software apparently allows employees access to the confidential information of other employees and students beyond what is needed to do their jobs," the audit states. The poor review has prompted state legislators and faculty members to criticize the implementation of the Common Management System, with some calling for it to be postponed. But Ms. Bentley-Adler said that the software's implementation would not be delayed. The extra precautions should prevent any problems with security without costing Cal State any significant amount of money, she said. "We not have had any problems that I am aware of at all," she said. "We wanted to stop the problems before they started."
Background articles from The Chronicle:
|
|
|
|
 U. of Georgia basketball coach resigns amid investigation of possible rules violations Renewal of Higher Education Act will focus on incremental, not fundamental, change, report predicts U. of Kansas could lose $3.1-million under legislation aimed at punishing use of "obscene" materials Grand jury declines to indict Methodist College football players accused of assault on teammate Accreditor places Erie Community College on probation, citing financial and management concerns Department of Defense awards science and engineering grants to 18 universities Spring commencement speakers are announced by 13 colleges Cal State moves to close security loophole in controversial computer system |
Copyright © 2003 by The Chronicle of Higher Education