Index

Subject : Re: LUG: The Future of UnWRAP

From : Edward Anderson <nilbus@nilbus.[redacted]>

Date : Thu, 08 Sep 2011 23:29:42 -0400

Parent

Good luck - I hope it turns out well! Maybe it's because of the policy around it that people haven't ventured into this territory much before (that I'm aware of), but I think it's an incredibly useful idea.Â

I'm curious to know how FERPA ties into this. Is data considered "student data" that must be protected just because someone uses their unity ID to log into a site? Or is this just a password protection issue?

Edward

On Thu, Sep 8, 2011 at 5:10 PM, Matthew Frazier < mlfrazie@ncsu.[redacted] > wrote:
Okay, I had a nice chat with a couple of guys from ITECS about UnWRAP and the mess of policy issues surrounding authentication at a university.

For now, UnWRAP will keep running (I will probably have to implement a few more account checks due to FERPA issues), *but* I will not be granting anyone secret keys to actually use the service in their applications. In addition, I would advise everyone against grabbing the source and running it on one's own Web space, because there are FERPA- and data-protection-related liabilities that could get you, ITECS, or both in trouble if you screw anything up.

Once ITECS and OIT Security and Compliance get back to me, I have no idea what will happen. Hopefully, something like UnWRAP will be available in the future, but it will have to be much more strongly regulated. Thanks for all your feedback and testing, though.

Thanks,
Matthew Frazier
North Carolina State University



Replies :