Imagine you are an Information Security consultant for a small college registrar’s office consisting of the registrar and two (2) assistant registrars, two (2) student workers, and one (1) receptionist. The office is physically located near several other office spaces. The assistant registrars utilize mobile devices over a wireless network to access student records, with the electronic student records being stored on a server located in the building. Additionally, each registrar’s office has a desktop computer that utilizes a wired network to access the server and electronic student records. The receptionist station has a desktop computer that is used to schedule appointments, but cannot access student records. In 1974, Congress enacted the Family Educational Rights and Privacy Act (FERPA) to help protect the integrity of student records. The college has hired you to ensure technical safeguards are appropriately designed to preserve the integrity of the student records maintained in the registrar’s office. Write a three to five (3-5) page paper in which you: Your assignment must follow these formatting requirements: The specific course learning outcomes associated with this assignment are:

The protection of student records is of utmost importance in educational institutions. The Family Educational Rights and Privacy Act (FERPA) was enacted in 1974 by Congress to safeguard the integrity of these records. As an Information Security consultant tasked with ensuring technical safeguards are appropriately designed to preserve the integrity of student records in a small college registrar’s office, it is essential to analyze the current setup and propose suitable measures.

The registrar’s office consists of the registrar, two assistant registrars, two student workers, and one receptionist. The office is physically located near other office spaces. The assistant registrars utilize mobile devices over a wireless network to access student records, which are stored on a server within the building. Each registrar’s office also has a desktop computer connected to a wired network for accessing the server and student records. The receptionist’s station has a desktop computer that is used for scheduling appointments but does not have access to student records.

To preserve the integrity of student records, it is crucial to implement several technical safeguards. One of the primary measures that should be taken is to secure the wireless network used by the assistant registrars’ mobile devices. This can be achieved by enforcing strong encryption protocols such as WPA2, disabling broadcasting of the network’s SSID, and implementing MAC address filtering. These measures will help prevent unauthorized access to the wireless network and subsequent unauthorized access to student records.

Additionally, the server where the student records are stored should be protected. This includes implementing access controls to restrict access only to authorized personnel. Access to the server should be carefully managed, and each user should have a unique login ID and strong password. Furthermore, regular maintenance and updates to the server’s operating system and software should be performed to address any potential vulnerabilities.

The wired network used by the desktop computers in the registrar’s offices should also be secured. This can be accomplished by employing network segmentation techniques, such as creating a separate network for the registrar’s office and implementing a firewall to control traffic flow between the different networks. Additionally, network monitoring tools should be used to detect any unauthorized access attempts or suspicious activities.

To ensure that the receptionist’s desktop computer cannot access student records, proper user permissions and access controls should be implemented. The computer should be configured to only allow access to scheduling software and other necessary tools while preventing access to the student record server. This can be achieved by creating a separate user account for the receptionist with limited privileges.

In conclusion, preserving the integrity of student records in a small college registrar’s office requires implementing various technical safeguards. These measures include securing the wireless network, protecting the server where student records are stored, securing the wired network, and implementing user permissions and access controls. By properly designing and implementing these safeguards, the college can ensure the integrity and confidentiality of student records in compliance with FERPA regulations.