Reasons to use Purdue email systems

Reasons to use Purdue email systems

In other words, reasons not to forward your Purdue email to a non-Purdue email service:

1. Purdue email is considered an official Purdue record.

2. Purdue is legally liable to protect and retain Purdue records, including student information regulated by FERPA that may be conveyed in email and email attachments.

  • Purdue Email Policy: Users are reminded that any e-mail sent from a University Email Account or residing on University Email Services may be considered a public record under the Indiana Public Records Act (IC 5-14-3) and may be subject to disclosure. Users need to exercise judgment in sending content that may be deemed confidential or that they otherwise do not wish to be disclosed. Furthermore, email transmissions may not be secure, and contents that are expected to remain confidential need to be communicated via means other than email. Common examples of confidential contents include: student grades, personnel records, individual donor gift records, personally identifiable information, and data subject to federal and state laws or regulations, including but not limited to, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Family Educational Rights and Privacy Act (FERPA) and the Gramm Leach Bliley Act (GLBA).

3. Using consumer email systems for Purdue email, when not contractually obligated to Purdue, causes Purdue to lose control of records, and circumvents Purdue access controls. Purdue has created access controls to protect and provide secure access email. The security of 3rd party email systems cannot be guaranteed by Purdue.  While some email users may be able to safely forward their Purdue email to a non-Purdue email account, employees who handle official Purdue data are bound by Purdue policy to ensure that Purdue data remains protected in ways that comply with all applicable laws and regulations.

4. The Purdue records retention policy must be complied with even if Purdue email if forwarded to a non-Purdue server.

http://www.purdue.edu/policies/governance/vb3.html

5. Consumer email systems are typically commercial data-mining systems. Purdue students and employees may not consent to having their email messages forwarded to, or entered into, a commercial data-mining system and tracked/indexed or potentially targeted with advertising, etc.

6. Caching a Purdue career account username password on a consumer email system that Purdue has not legally contracted puts Purdue systems and/or accounts at risk.  It is OK for users to do this for their personally owned email and their own data, but this practice puts the data of students and Purdue data in genral at risk.

7. When forwarding all Purdue email to a personal email account, a freedom of information act records request could impact someone’s personal account, and potentially bring personal email into litigation.  Or it could cause Purdue to become out of compliance with laws that require Purdue to control and access Purdue-owned data.

See: https://www.purdue.edu/legalcounsel/public/index.html

Purdue Hazard Communication Training – Mandatory for all Purdue Employees

Dear College of Education Employees,

As part of Purdue’s OSHA-mandated “Integrated Safety Plan” all paid employees in the College of Education — including all student employees — are required to complete a one-time training called: Hazard Communication Training.

To complete the training watch the following 13-minute video:

Purdue Hazard Communication Training Video
https://edit.education.purdue.edu/video/HazCommTraining.mp4

…and then, after watching the video, take the short five-question quiz here:

Quiz – Hazard Communication Training
https://purdue.ca1.qualtrics.com/jfe/form/SV_etvDag7KEf2Z4u9

Once you have completed the Quiz, you will receive an email confirmation message.  Please forward that message to your departmental main office.

Thank you!

Robert Evans
Chair of the College of Education Safety Committee
Co-Chair of the BRNG Safety Committee
bob@purdue.edu

 

Emergency Preparedness Video: Shots Fired on Campus Video

Below an article from the SecurePurdue web site that includes a link to a video:

http://www.purdue.edu/securePurdue/news/2010/emergency-preparedness-shots-fired-on-campus-video.cfm

“Shots Fired on Campus: When Lightning Strikes,” is a 20-minute video that illustrates what to look for and how to prepare and react, said Carol Shelby, senior director of environmental health and public safety. The video is available online at https://www.purdue.edu/securepurdue/police/video. A Purdue career account and password are necessary to log on to view the video. Its release to the Purdue community coincides with National Emergency Preparedness Month.

“This video stresses awareness, preparation and rehearsal, the keys to safety,” Shelby said. “Students, faculty and staff can take the training on their own and access it anytime they want, but some professors also may want to play it in their classrooms.”

The video was produced by the Center for Personal Protection and Safety, based in Spokane, Wash., and is being shown at several college campuses around the nation, Shelby said. The center is composed of former U.S. Department of Defense and FBI officials and is dedicated to researching and disseminating best practices in workplace violence prevention and travel safety. It is responsible for much of the federal government’s current teaching and training on crisis negotiations, workplace violence, abduction prevention and hostage survival situations.

Shelby said Purdue linked with the center through the university’s participation in the International Association of Campus Law Enforcement Agencies, an organization involved in safety and security on college campuses.

The Video:

https://www.purdue.edu/securepurdue/police/video

The Transcript:

http://www.purdue.edu/securePurdue/download.cfm?File=media/SFOC_Final_Transcript.pdf

New email header will alert individuals to probable phishing scams

Please note the following post from ITaP:

Due to the continual increase in phishing attempts targeting Purdue email accounts, ITaP has created a new email header that will alert Purdue mail users to probable phishing scams.

All individuals who use an @purdue.edu email address will be affected by this change. The alert will be added to the top of messages and will read as follows:

Please be advised that the email below contains a link associated with an identified phishing scam. Clicking on the link may harm your computer. If you believe your Purdue career account has been compromised, please contact your local academic IT support or the ITaP Customer Service Center at 765-494-4000 for help managing risk to you and the University.

For more information see:

http://www.itap.purdue.edu/newsroom/news/140114_phishing_header.html

Writer: Andrea Thomas, ITaP technology writer, 765-496-8204, thomas78@purdue.edu

Source: Mick Haberzetle, manager of messaging and application services, 765-496-1067, mick@purdue.edu

David Shaw, chief information security officer, 765-496-8289, shaw46@purdue.edu

More sophisticated phishing attempts reinforce need for caution, security expert says

“More and more sophisticated phishing attempts have led to an increase in the number of individuals at Purdue falling victim to email scams by more than tenfold in the last two years.  Purdue never solicits personal information — such as passwords and account numbers — via email, phone or any other electronic manner.”  Read more on this page…

http://www.itap.purdue.edu/newsroom/news/130816_phishing_increase.html