IT Times LogoIT Times Logo
IT Times Logo

in this issue...
Banner Upgrade: Protecting the Privacy of Student Records

Dial in to the Faculty Modem Pool

Express Service on Legacy Modem Pool

Fall 1998 Statistics Reveal Upswing in Computer Usage

Future of Remote Access

New Software Site Licenses

Perspective: Harry Matthews, Chair of the AC4

Phone Directory Wins Gold Award

Register for Courses on the Web

Teaching Resources Center Web Site Redesign

The Station: A Big Hit With Students

Updated Online Publications Provide a Wealth of IT Information

Year 2000 Report
Volume 7, Number 4
feedback archives search the IT Times IT Times home

Protecting the Privacy of Student Records

Banner's More Secure Log-in Process Planned for Mid-April

Student education records are official and confidential documents protected by one of the nation's strongest privacy protection laws, the Family Educational Rights and Privacy Act (FERPA). FERPA, also known as the "Buckley Amendment," defines education records as all records that schools or education agencies maintain about students, including their identification code, date and place of birth, grades, test scores, courses taken, degrees earned, financial aid, or other information that would make it easy to identify or locate a student. FERPA protects both paper and computerized records.

On our campus, student education records are stored in the computerized Banner Student Information System, which can be accessed only by those individuals with a legitimate educational need or institutional business purpose.

In December 1997, Banner was upgraded to a graphical user interface (GUI) in order to stay current with the software supported by the vendor and to conform with state and federal regulations. Since then, Information Technology and Enrollment Services have continued to research ways to further protect the confidentiality of UC Davis student records. On April 19, they will deploy their latest security improvement: a new, more secure log-in process.

New Security Tools Required to Access Banner

Unlike the December 1997 upgrade which dramatically changed the "look and feel" of the Banner system, the impending upgrade will affect only the way in which users log in. Starting April 19, the following security tools will be required to access Banner:

  • A Kerberos password. Kerberos software will provide secure authentication with encrypted passwords. It will also bring the Banner system in compliance with UC Davis' authentication strategy to provide a single sign-on procedure for central campus computing systems. Refer to the email message sent to all Banner users on February 22 for more information on Kerberos passwords. The messages are posted on the Banner Help Desk Web site. (See "Need Help With the Banner Upgrade?" table below.) Another email message will be sent in March.

  • A hard token, also known as Enigma Logic security token. Veteran users of the Banner system will remember the small calculator-like devices they used before December 1997 to obtain a one-time password and access the Banner system. These tokens were temporarily retired with the introduction of the graphical user interface, which was not equipped to handle token authentication at the time. They will be re-introduced with this upgrade.

Hard tokens, which have a life expectancy of approximately 3 years, are designed as secure devices that cannot be opened, even to check the battery. When the battery dies, the token needs to be replaced. For similar security reasons, individuals should not share tokens -- every user must have his or her own. (See the "February Action Item: Hard Tokens" table to determine how to purchase, test, and have your hard tokens programmed.)

Soft tokens, the software version of the Enigma Logic tokens in use before December 1997, are no longer supported by the vendor and will therefore not be available. Records indicate that 250 of the 274 individuals who had soft tokens in 1997 are employed on campus. Since the campus could not afford to subsidize the cost of hard tokens, these individuals (one-fourth of the total number of Banner users) will need to purchase a card and have it programmed by April 19.

Plan to Attend Presentations and Workshops

To assist with the transition to the new log-in process, Information Technology and the Office of the Registrar have scheduled a number of presentations and training sessions. Presentations will be given on March 9 from 10-11 a.m. and March 10 from 11a.m.-12 noon in MU II. You may attend either session. Topics include an overview of the upgrade, action items for users, and a demonstration of the new log-in process.

Training workshops focusing on the new log-in process will be available between April 14-21. See http://registrar.ucdavis.edu/training/ for sign-up information.

Nicole Collins, Debbie Lauriano, and Ann Leamon from IT-Information Resources contributed to this article.