Editorial: Student ID Problem
 As
new technology becomes a part of everday life, the customs and laws governing
its use always lag behind. Cellular phones come to mind.
Though just about everyone has had one for quite a few years now, it’s
only recently that you can sit through an entire class without hearing
a cell phone go off. Why? It took time for courtesy to catch up with technology.
Cell phones, of course, don’t really cause that much harm. A far
more damaging technology is the Internet, which remains a Wild West more
than a decade after its popular use began. We are still in the process
of figuring out how to control the online world and the biggest risks
are still fraud and identification theft.
As the Internet is mostly a realm beyond governmental control, it has
fallen to the free market, with online companies like AOL and MSN to keep
users safe. Though the federal government can enforce such things as copyright
law, state institutions can do much more than that and some have not been
as diligent as they should be.
Fresno State, and for that matter the entire CSU system, has left its
students wide open for identity theft, despite its best efforts to protect
us.
Students’ social security numbers (the gateway to any other personal
information a skilled hacker might want) are stored on Fresno State Web
sites and are sometimes used to pull up information when they cannot remember
their student ID numbers. Not all students are informed on how to take
the simple steps to protect themselves, the online system Fresno State
uses is flimsy, and hackers know that university Web sites are easy pickings.
There is no doubt Fresno State administration has addressed this issue,
but when some progress is made on any front, the job seems to be dropped.
Three years ago the campus switched from primarily using students’
social security numbers to using student identification numbers. Students’
social security numbers are still in use in order to access student information.
However, as students can access their accounts using these instead of
their new student numbers.
If the purpose of creating new student numbers was to protect students’
social security numbers, then the job is not finished. Campus IT personnel
should establish the new student identification number as the only way
to access an account, so that a user never uses, or has the chance to
come in contact with, a social security number.
Fresno State must also keep students informed of even the most seemingly
trivial online matters that threaten their security. For instance, on
the “My Fresno State” site, one must click on “sign
out” to ensure that the account is indeed signed out of. On most
Web sites, one only has to close the window to log out, but if that convention
is followed on “My Fresno State,” students risk their class
registration and personal information being available to the next user
of the same computer.
Fresno State should change the “My Fresno State” site so that
simply closing the window signs the user out, just like the campus e-mail
site.
Nearly everything the government puts out for public use is made so the
dumbest person can use it and not get it wrong. Fresno State Web sites
should be fashioned with that same philosophy in mind.
University Web sites are high on hackers’ hit lists, and Fresno
State has been lucky so far not to have had a major security breach. In
2005 alone, schools such as Boston College, Colorado, Michigan State,
Purdue, Stanford, and USC had their systems hacked into. In addition to
security breaches on four CSU campuses this year, the Chancellor’s
Office itself fell victim to hackers in August.
At this rate it’s a matter of when, not if, our personal information
will be compromised. Fresno State, the CSU system and all universities
have the opportunity to lead the way in protecting its students’
and its customers’ identities online, to control the online world
where the biggest risks are still fraud and identification theft.
|
