The Information Security office manages SANS Institute "Securing the Human" training to select UB departments. Some of the content is either inconsistent with policies and procedures at UB, or requires further explanation.
SANS stated "There have been many clients who asked us to disable the ability to skip ahead. Many were due to compliance and certification reasons, so we made that a permanent feature".
UB doesn't require prior authorization before attaching a wireless access point to the network. However, we do expect that access points will be appropriately secured with strong encryption (not "WEP"). However, we do not permit the use of our official SSIDs (eduroam, UB_Secure, UB_Wireless, UB_Guest) as this is often an indicator of someone trying to intercept traffic. Those SSIDs are reserved exclusively for the UB Wi-Fi service.
We strongly recommend that you use eduroam or UB_Secure and not UB_Wireless or UB_Guest. eduroam and UB_Secure uses encryption and UB_Wireless or UB_Guest do not.
No you do not. Disregard that statement.
While it's always a good idea to remove old and unused (and
likely unmaintained and unpatched!) items from your system you
should always check with your IT support first before making system
The training implies that directory information may be given out. This is not correct for UB. The student may opt to restrict their directory information. The best way to handle requests for directory information is to direct the requester to the UB Online Directory. If the student has restricted their information, it will not appear there. There is no other mechanism to determine whether or not a student has restricted their information.
Disregard this statement. There are several facilities that require authentication (card swipes) upon entry but none, as far as we know, that require that you authenticate before leaving.
Disregard that statement and instead contact the Information Security Office.