Stoopid IT Tricks: The university all-stars

* Vote for your favorite SITT

Aw heck, after all that Aperi stuff, let's take a break and play another round of everybody's favorite Internet game show: STOOPID IT TRICKS! As you may recall, this is where we all get to make fun of some really terrible IT decisions that were made in the recent past. Thanks to Storage Wise Guy Anne for letting this particular set of corporate cats out of the bag, and to my colleague Scott-The-Security-Maven for introducing me to Senate Bill 1386 (see below).

Today, in a salute to academia, I offer you Stoopid IT Tricks, NCAA style. This time however, it comes with a twist. I'll present three examples of IT silliness, but you get to vote on who the winner is. Ideally, I would have published this during NCAA Final Four basketball tournament, or during the Rose Bowl, but all these happened in the past few weeks, so in the interest of timeliness:

Candidate No. 1: The San Francisco State University Golden Gators.

A laptop got stolen and guess what - none of the data was protected! Go figure. Three thousand former and current students' social security numbers, names, grades and so forth are apparently now out there for public perusal. I won't be the one to point out to SFSU that the compliance guidelines found in California S.B. 1386 frown on this sort of thing.

Chomp 'em, Gators!

Read the full story here.

Candidate No.2: The Blazers from The University of Alabama, Birmingham.

An office computer containing names, social security numbers and medical information for 9,800 kidney donors, recipients, and potential recipients was stolen in February, but "the affected people weren't notified until earlier this month because it took months for school officials to reconstruct the missing database." Nobody in Birmingham knows about database replication, I guess. The wheels of change apparently roll slowly in some areas of the south.

Go Blazers!

Read the full story here.

Candidate No. 3: The Western Illinois University Leathernecks.

Due to multiple server breaches, WIU lost social security numbers and other data on current and previous students, as well as credit card information on those using the university bookstore or hotel. The good news: the risk of exposure is limited mostly to students who took courses from 1983 to the present, estimated to be a mere 200,000 to 240,000. Not much of a problem if we can keep it below the quarter-million mark.

Way to go, 'Necks!

Read WIU's security alert here.

The moral of all this: Although use of SSNs as student identifiers is now banned, some IT managers just keep on keepin' on. DON'T YOU BE ONE OF THEM.

On second thought, don't bother voting. These are all pretty dumb. Storage doesn't make you stoopid, but it sure can make you look that way.

If you're interested in what's going on in the privacy rights arena, or in finding out how some of your IT colleagues have failed in their duties to protect stakeholders' data, check out the most recent update of the Privacy Rights Clearing House here.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Must read: 10 new UI features coming to Windows 10