Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
slider OhioUoffice 1

Ohio University’s journey to securing its ID card production

CampusIDNews Staff   ||   Nov 16, 2017  ||   , ,

Following an audit process in 2015, the then year-old Ohio University OneCard office decided to make changes to the way it secures and logs ID card production.

The issuance security upgrades at the Ohio OneCard office were outlined in a presentation given at NACCU 2017 by Joshua Bodnar, director of Access, Transaction, and Video Services at Ohio University. In the presentation, Bodnar describes the changes made to the card production process, as well as the susceptibilities uncovered by the initial system audit.

One of the major concerns raised was that the OneCard office was not tracking the reproduction of ID cards. “We were not tracking when the ID was printed, what cards were printed, and what staff members were printing them,” Bodnar says.

This exposed the risk of employees making copies of ID cards without anyone knowing. “We wouldn’t have any way to know if a large number of IDs were printed when they shouldn’t have been,” Bodnar adds.

Office staff were also not keeping track of card stock and printing supplies. Unlocked boxes of cards and ribbons would be left out next to printers. When these issues came to light, Bodnar and the OneCard team realized that they needed to better secure both materials and the card production process.

Securing card production

The first step was to secure the office’s workstations, taking away shared windows accounts, and instead requiring staff needing access to IDWorks to be put in an Active Directory group managed by the OneCard office. Additionally, only those in the Active Directory can access the workstations. This was done to prevent the risk of unauthorized users accessing personal information stored on the machines.

Access to the Internet was also disabled at the workstations to avoid the risk of employees visiting potentially unsafe websites. Users are also logged out of the computers if they leave the machine idle for over five minutes.

Prior to the new security changes, users could stay logged in all day, and when the computers were restarted they would automatically log in using a worker’s credentials. This left personal information open for anyone to access, which Bodnar wanted to prevent.

Preserving data logs

With multiple machines, the OneCard office decided it was important for all of the print logs to be stored together. To accomplish this, the OneCard team decided to leverage software that the university already had, nxlog and Kibana.

Ohio University was already using nxlog to send logging data to the campus’ central logstash system. The print logs are installed on each machine and are written on the machines’ text files and a shared network, and then stored in the centralized logging system. Meanwhile, Kibana makes it easier to search the logs and provide a visual for the collected data.

Related Posts

Subscribe to our weekly newsletter

RECENT ARTICLES

High school bathroom

Bathroom breaks tracked by campus ID and mobile app

At California’s Fresno High, a new app is authorizing and monitoring trips to the bathroom in an effort to increase students’ time in class and decrease gathering in halls and bathrooms. Of course, this has not gone over well with students. Raising your hand and asking the teacher if you can go to the bathroom […]
Atrium Ozzi container

Atrium clients track check-out and return of reusable containers at OZZI kiosks

The push to reduce or even eliminate single-use containers from campus dining is now easier for Atrium clients. Thanks to a seamless integration between Atrium and the OZZI reusable container program, the processes for both students and dining services is streamlined. Atrium clients have been using OZZI for years, but the two systems were independent. […]
HID report snapshot

Security industry’s top trends include mobile IDs, MFA and sustainability

The 2024 State of the Security Industry Report from HID Global studies trends and changes in the security industry. This year six major themes emerged surrounding mobile identity, multi-factor authentication, biometrics, AI, and sustainability. The research includes data from more than 2,500 individuals – partners, end users, and security/IT personnel – from around the globe. Respondents […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Feb. 1 webinar explores how mobile ordering enhanced campus life, increased sales at UVA and Central Washington @Grubhub @CBORD

Join Jeff Koziol and Robert Gaulden from @AllegionUS as we explore how mobile credentials and proptech are changing on- and off-campus housing.

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2024 CampusIDNews. All rights reserved.