eServices "Internet Operations" data use

Started by a2capt, November 04, 2013, 05:04:14 AM

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

a2capt

November 04, 2013, 05:04:14 AM
Since "they" want administrator access to your various CAP related web sites..

Of course, there's really nothing wrong with that in a perfect world- after all, you're representing your higher headquarters through all this.

My query is that there is really no explanation of who is on the receiving end of this data, and what they are going to do with it, how often, etc.

The idea of having administrator access "floating around" with no idea of who, or how many have access to it, and how careless they might possibly be, just doesn't sit well with me.

Is the back end of this documented somewhere else? CAPR 110-1 isn't really much of a help.

Eclipse

#1
November 04, 2013, 05:33:34 AM
I'm not sure what you're asking.

There shouldn't be anything on a CAP website that is remotely secret or even interesting, certainly nothing
anyone would care about in the grand sense.

What data are you sending and where?

"That Others May Zoom"

JeffDG

#2
November 04, 2013, 12:48:50 PM Last Edit: November 04, 2013, 12:52:49 PM by JeffDG
I'm a Group IT Officer.  I can see what I've input for my HQ, along with the information input by subordinate units.

So, basically, under the Internet Operations module, the IT Officer and the Commander of higher echelons can see the data.

That said, I really dislike the idea of requiring people to give their "admin" account to anyone.  It violates the audit-principle of "non-repudiation". 

I also help out with the Wing internet operation, and for that, we've created a specific account to share with Region/NHQ, and we audit use of that account rather closely...I'll be honest, it's never been logged in to.

As for use...I know that I (Group ITO hat) wouldn't even look these up (with the exception of making sure they were there) unless I had a reason to do so...like an ITO disappearing and not leaving behind the passwords etc. for a squadron website, and then only at the request of the Squadron or Group/CC.  It's really intended as an emergency backup for exceptional circumstances.

JeffDG

#3
November 04, 2013, 12:54:19 PM
Quote from: Eclipse on November 04, 2013, 05:33:34 AM
I'm not sure what you're asking.

There shouldn't be anything on a CAP website that is remotely secret or even interesting, certainly nothing
anyone would care about in the grand sense.

What data are you sending and where?
Under the Internet Operations tab, squadrons who maintain an internet presence (we strongly encourage everyone to use the Wing system to avoid the issue) are required to provide a login and password with full administrative access to the website.  This information is available to higher-HQ ITOs and CCs, and is used to resume control of such sites in the event of being unable to reach the ITO in the future.
Print
Go Up Pages1
User actions