Working for the helpdesk at my college, this one undergrad brought her computer in cause it was "slow". I ran our adware/spyware removal tool and found 47617 infected files. I then ran a series of virus scanners and found 6113 viruses. Obviously, a reinstall was necessary for that one...
Okay, having just graduated with a Computer Engineering degree, I know the importance of attendance in the classroom. However, this is me...not everyone is the same. For some of my classes, no class participation/attendance was necessary in order for me to get my 4.0...not many but some. Other people I know didn't have to show up to do well in some of the classes it would have been impossible for me to do well in the same situation.
My point here is: the students are paying the university to learn. They will put forth whatever effort they wish to get through the semester. If they don't want to put forth any effort, it is not your fault. They are adults and can think for themselves. We need to quit babying the up-and-coming people and instill some form of discipline...they screw up in a few classes and have to retake them they'll reconsider how to go about their life.
If, however, they don't have to show up and can do fine on their own then there really isn't much point in forcing them to go to class when they are capable of learning on their own.
Now to my suggestion:
Random pop-quizzes will solve this problem of not having the people go to class. Have a random number of quizzes (that you don't announce to the students...say somewhere between 15 and 30) and then preselect days where they will go, not totalling more than 3 in a week. However, make sure to have 3 in one week at some point to just throw them off. They don't have to be hard, just enough to make sure they are paying attention...heck, even a "write your name on a piece of paper" quiz will work for most situations. Weigh them the same as their homework and the problem will be solved. Usually there will be anywhere from 15-30 homework assignments, so the possibility of doubling or tripling their homework weight is significant enough to make them come to class. PS: I was a T.A. in my college tenure and this worked beautifully for attendance.
1. The circumstances under which a company/school/whatever may contain your personal information
2. The length of time under which they may retain that information (with mandatory and permanent removal after a given period of time)
3. A definition of the minimum necessary security measures a party must take when retaining another's personal information
4. Explicitly stating to the person when they will retain their information, for how long, and what security measures they will take to protect it
5. In the case of theft, if parts 1-4 are not satisfied, the party owes full monetary compensation for providing ID theft protection, and also granting the person the right to choose what ID protection service and what level of protection they want
6. In the case of theft, if parts 1-4 are satisfied, the party owes a minimal monetary compensation for ID theft protection that meets certain stated requirements.
7. In the case of theft, any and all persons that may have had their information stolen in the theft must be informed within a 48 hour period upon discovery of the theft. No party may with hold or keep secret the theft any longer, or they are subject to further financial obligation to the victims.
===Responding to Steps===
1. While this is a noble thought...I doubt it will ever happen. You have to realize that different parts of different companies need data in different ways. While a customer relations department might only need the name, address and phone number for a person, the purchasing department needs more. The finance department needs far more information about employees as well. Furthermore, some companies need more information about those they deal with than other companies (banks vs. retail stores, etc). Were legislation to be passed to limit this, some companies may not be affected based on how they deal with the data, whereas other companies may be crippled.
2. I agree with this...however, once again this may not be possible for some companies to continue functioning properly.
3. This is dependent upon current standards. In this world (as we are all aware) things change on a daily basis. If and when they were to pass some standards of this nature, it would be outdated before they ever release it due to testing, retesting, retesting again, being buried in a hole and watered for 6 months, then lost for 2 years before it were to be put into production. Additionally, if they were to attempt to put something in as "flexible requirements" this would create loopholes that companies would be able to get around. Good idea...but not plausible.
4. I agree with this....it should be done.
5. I agree with this as well...but I highly doubt that would ever pass.
6. See 5.
7. This brings up an interesting topic of "how do you define 'getting in contact' with the individual?" In today's day and age, email may be an appropriate line of communication...but not everyone checks their email on a regular basis and those that do could easily disregard such emails as spam or phishing attempts. Phones only work so well. Physical letters could be the best option. Also, what happens if the company is unaware of the theft/breach of security for some time (which has happened)?
===My thoughts===
Okay, first of all I think you bring up some excellent points. I am all for limiting company usage of personally identifiable data (PID); however, it will never happen from a law-enforced situation. SoX and HIPPA have come a very long way over the past few years to assist in the correct reporting of data and the way PID is held. However, the processes that have been created as a result are still flawed and forever will be.
You have to remember, Big Business owns Big Brother (Congress). Thus, these "regulations" are for the most part suggestions anyway. I've been working with Security & Controls for a while now and know how things work in this regard. It is unfortunate but true. Still, many companies ri
Slashdot Mirror
Working for the helpdesk at my college, this one undergrad brought her computer in cause it was "slow". I ran our adware/spyware removal tool and found 47617 infected files. I then ran a series of virus scanners and found 6113 viruses. Obviously, a reinstall was necessary for that one...
Okay, having just graduated with a Computer Engineering degree, I know the importance of attendance in the classroom. However, this is me...not everyone is the same. For some of my classes, no class participation/attendance was necessary in order for me to get my 4.0...not many but some. Other people I know didn't have to show up to do well in some of the classes it would have been impossible for me to do well in the same situation.
My point here is: the students are paying the university to learn. They will put forth whatever effort they wish to get through the semester. If they don't want to put forth any effort, it is not your fault. They are adults and can think for themselves. We need to quit babying the up-and-coming people and instill some form of discipline...they screw up in a few classes and have to retake them they'll reconsider how to go about their life.
If, however, they don't have to show up and can do fine on their own then there really isn't much point in forcing them to go to class when they are capable of learning on their own.
Now to my suggestion:
Random pop-quizzes will solve this problem of not having the people go to class. Have a random number of quizzes (that you don't announce to the students...say somewhere between 15 and 30) and then preselect days where they will go, not totalling more than 3 in a week. However, make sure to have 3 in one week at some point to just throw them off. They don't have to be hard, just enough to make sure they are paying attention...heck, even a "write your name on a piece of paper" quiz will work for most situations. Weigh them the same as their homework and the problem will be solved. Usually there will be anywhere from 15-30 homework assignments, so the possibility of doubling or tripling their homework weight is significant enough to make them come to class. PS: I was a T.A. in my college tenure and this worked beautifully for attendance.
/agree and yes you did...and yes i did too
1. The circumstances under which a company/school/whatever may contain your personal information
2. The length of time under which they may retain that information (with mandatory and permanent removal after a given period of time)
3. A definition of the minimum necessary security measures a party must take when retaining another's personal information
4. Explicitly stating to the person when they will retain their information, for how long, and what security measures they will take to protect it
5. In the case of theft, if parts 1-4 are not satisfied, the party owes full monetary compensation for providing ID theft protection, and also granting the person the right to choose what ID protection service and what level of protection they want
6. In the case of theft, if parts 1-4 are satisfied, the party owes a minimal monetary compensation for ID theft protection that meets certain stated requirements.
7. In the case of theft, any and all persons that may have had their information stolen in the theft must be informed within a 48 hour period upon discovery of the theft. No party may with hold or keep secret the theft any longer, or they are subject to further financial obligation to the victims.
===Responding to Steps===
1. While this is a noble thought...I doubt it will ever happen. You have to realize that different parts of different companies need data in different ways. While a customer relations department might only need the name, address and phone number for a person, the purchasing department needs more. The finance department needs far more information about employees as well. Furthermore, some companies need more information about those they deal with than other companies (banks vs. retail stores, etc). Were legislation to be passed to limit this, some companies may not be affected based on how they deal with the data, whereas other companies may be crippled.
2. I agree with this...however, once again this may not be possible for some companies to continue functioning properly.
3. This is dependent upon current standards. In this world (as we are all aware) things change on a daily basis. If and when they were to pass some standards of this nature, it would be outdated before they ever release it due to testing, retesting, retesting again, being buried in a hole and watered for 6 months, then lost for 2 years before it were to be put into production. Additionally, if they were to attempt to put something in as "flexible requirements" this would create loopholes that companies would be able to get around. Good idea...but not plausible.
4. I agree with this....it should be done.
5. I agree with this as well...but I highly doubt that would ever pass.
6. See 5.
7. This brings up an interesting topic of "how do you define 'getting in contact' with the individual?" In today's day and age, email may be an appropriate line of communication...but not everyone checks their email on a regular basis and those that do could easily disregard such emails as spam or phishing attempts. Phones only work so well. Physical letters could be the best option. Also, what happens if the company is unaware of the theft/breach of security for some time (which has happened)?
===My thoughts===
Okay, first of all I think you bring up some excellent points. I am all for limiting company usage of personally identifiable data (PID); however, it will never happen from a law-enforced situation. SoX and HIPPA have come a very long way over the past few years to assist in the correct reporting of data and the way PID is held. However, the processes that have been created as a result are still flawed and forever will be.
You have to remember, Big Business owns Big Brother (Congress). Thus, these "regulations" are for the most part suggestions anyway. I've been working with Security & Controls for a while now and know how things work in this regard. It is unfortunate but true. Still, many companies ri