Profile

CommunityPlatform_1350x900.jpg

Mark Jones

Edit My Profile

My Content

1 to 20 of 35 total

RE: Which user identifier do you use across your organization?

Posted By Mark Jones 12-05-2023 10:02:33 AM
Found In Egroup: Identity and Access Management \ view thread
There is a lot of wisdom in that document. I see the fruits of 20+ years of passionate, international IAM debate, and I just skimmed part of it. ... looking forward to a deeper read.

RE: Which user identifier do you use across your organization?

Posted By Mark Jones 12-04-2023 10:11:25 AM
Found In Egroup: Identity and Access Management \ view thread
'Correlation' often has a negative connotation, especially in 'privacy' discussions. It is something we all need to be aware of, but sometimes it is desired. The whole purpose of identifiers is to correlate information about a subject within a defined scope. You need to make sure you are ...

RE: Which user identifier do you use across your organization?

Posted By Mark Jones 11-28-2023 09:02:36 AM
Found In Egroup: Identity and Access Management \ view thread
What you are looking for is eduPersonUniqueID: https://software.internet2.edu/eduperson/internet2-mace-dir-eduperson-201602.html#eduPersonUniqueId Note that 'human readability' is not always advantageous. There are use cases for human friendly identifiers... use email address. But for a common ...

RE: How do you manage email/accounts for people who are both student and employee?

Posted By Mark Jones 11-01-2023 12:30:41 PM
Found In Egroup: Identity and Access Management \ view thread
One person, one identity, one account. Keep it simple. If you have a mature identity and access management infrastructure, what a person has access to is not granted or revoked by enabling or disabling an account. Any concerns about access to and use of information because of dual affiliations can ...

RE: Company Bios and Directories

Posted By Mark Jones 09-25-2023 02:06:07 PM
Found In Egroup: Cybersecurity \ view thread
We moved what was a public directory to our intranet. We may go further and limit information displayed without authentication. If you want prospective students to have nonpublic access without accounts you might try using personalized and/or time limited links or PINs sent via email.

RE: verifying Identities

Posted By Mark Jones 09-13-2023 08:54:28 AM
Found In Egroup: Identity and Access Management \ view thread
correct

RE: verifying Identities

Posted By Mark Jones 09-13-2023 08:33:09 AM
Found In Egroup: Identity and Access Management \ view thread
The standard is https://pages.nist.gov/800-63-3/ We use video conferencing for 'in-person' vetting (show me your driver's license). We use personal email addresses (or mobile phone) that were already on file for password resets/recovery. In my opinion this does not need to be complicated. If the ...

RE: What if Generative AI turned out to be a Dud?

Posted By Mark Jones 08-15-2023 12:37:12 PM
Found In Egroup: AI \ view thread
I think it is worth noting that you should be just as skeptical about getting "correct or unbiased" answers from humans.

RE: AI Tool that Requires no Student Information / Sign-Up / Login

Posted By Mark Jones 08-08-2023 02:24:15 PM
Found In Egroup: AI \ view thread
I think the question is if any of the companies will sign agreements such as a BAA.

RE: Ideas for symbolism for accessibility

Posted By Mark Jones 07-27-2023 09:14:18 AM
Found In Egroup: IT Accessibility Community \ view thread
I can't say that I think it is good symbolism, but here is an example of what Microsoft is using: https://winaero.com/blog/wp-content/uploads/2018/02/Windows-10-Control-Panel-Ease-of-Access-icon.png

RE: Student versus Alumni domain

Posted By Mark Jones 06-27-2023 01:21:32 PM
Found In Egroup: Identity and Access Management \ view thread
Is this about email... or is it about needing an active account for access to various alumni related services?

RE: Student versus Alumni domain

Posted By Mark Jones 06-26-2023 12:38:37 PM
Found In Egroup: Identity and Access Management \ view thread
Disclaimer: the following opinions are based on anecdotal evidence and personal experience, not hard data... It has been my experience that students only use their university issued account when enrolled if forced let alone after they graduate. I think it makes more sense to establish communication ...

RE: ChatGPT/AI in Education - Where are We Now?

Posted By Mark Jones 06-05-2023 09:58:45 AM
Found In Egroup: AI \ view thread
Right, it should be an additional author, not a reference ��

RE: Center for AI Safety statement warning to mitigate the risk of extinction from AI

Posted By Mark Jones 05-31-2023 10:58:29 AM
Found In Egroup: AI \ view thread
It feels hyperbolic, but you have to continue reading: https://www.safe.ai/ai-risk It seems like a real concern to me.

RE: Privacy in Universities & AI

Posted By Mark Jones 05-30-2023 10:39:11 AM
Found In Egroup: AI \ view thread
I would assume you need a formal data protection agreement with the vendor. This search is US specific, but I'm thinking you would want something similar to a Business Associates Agreement. https://www.google.com/search?client=firefox-b-1-d&q=openai+baa

RE: Chronicle reporter: Thoughts about courseware and data privacy?

Posted By Mark Jones 05-16-2023 02:45:43 PM
Found In Egroup: HEISC Privacy \ view thread
Well, if you are going to rip up FERPA, might as well trash HIPAA while you are at it.

RE: Chronicle reporter: Thoughts about courseware and data privacy?

Posted By Mark Jones 05-16-2023 10:30:38 AM
Found In Egroup: HEISC Privacy \ view thread
My guess is that it is more likely that these are 'click through' agreements that no one actually reads and that faculty don't actually have the authority to sign.

Bard

Posted By Mark Jones 05-12-2023 03:45:00 PM
Found In Egroup: AI \ view thread
I found asking bard.google.com the following two questions interesting: What AI services are similar to Bardnow rate these Mark B. Jones, M.S. Senior Manager, Systems Analysis and Programming Chair, Mobile Application Governance Subcommittee Voting Member, IT Security Core Team Administrative ...

RE: Privacy / Security Impact Assessment of Assistive Technologies

Posted By Mark Jones 05-09-2023 07:48:51 AM
Found In Egroup: IT Accessibility Community \ view thread
Current password criteria wisdom is that length is preferred over complexity. Hopefully everyone will move toward pass phrases using normal characters.

RE: volunteer tracking

Posted By Mark Jones 05-04-2023 03:11:12 PM
Found In Egroup: Identity and Access Management \ view thread
Our guest system is used to grant anyone access for any reason. This includes volunteers. Each volunteer would need a 'sponsor'. The privilege of being a sponsor is limited and they are responsible for the guest. The account is given an expiration date and is deactivated automatically unless the sponsor ...