In light of the recent tragedy at The Covenant School in Nashville, our 4-H Centers have begun work on making the Centers even safer and more secure, which is worthy of much gratitude. I want to remind you about the UTIA Security Camera Procedures and share the newly created form that will let you know what information you need to submit so there are records on file for these cameras being used. I also have some software updates to let you know about. And I got a great question to share this week.

Policy/Procedure Reminder

• UTIA IT0303P – Security Camera Procedures
  • These procedures were created to help those who are located at all non-Knoxville campus locations owned, operated, or provided by the Institute to have guidance with regards to setting up security cameras.
  • These procedures are important for understanding the legal ramifications of using surveillance equipment.
  • These procedures make it clear that the regional IT representative must be consulted to ensure the network is capable of camera usage without degradation of network performance.
  • The procedures also explain that signs must be posted notifying visitors that the premises are under surveillance.
  • Any time minors are attending an event at the location, parents must be informed in writing that there are security cameras in use.
  • The procedures ask that you contact local law enforcement as soon as unusual or suspicious activity is seen.
  • In addition, the procedures cover very important information and references to UTIA policies, UT System polices, and State laws.
  • If you already have cameras installed at your location, but have not followed the requirements in UTIA IT0303P – Security Camera Procedures, please make sure that you do this right away.
  • I must make it very clear, though, that if you are located on the Knoxville-area campus, meaning that UTPD has jurisdiction over your location, you must go through UTPD and their Surveillance Oversight Committee for all your surveillance requests.
    • Please visit https://safety.utk.edu/police/services/security-cameras/.
    • Please read UTK’s Campus Procedure on the Acceptable Use of Video Surveillance.
    • If you are on the Knoxville-area campus and agree with the above procedure, you can submit a camera request form.

• UTIA IT0303F – Security Camera Information Form
  • This form is vital for collecting information about the use and locations of security cameras at non-Knoxville campus locations for potential reporting to UT Audit and Compliance, UT’s Office of General Counsel, and/or the State of Tennessee in the event of any investigations or liability issues.
  • This form is not about asking for permission to install security cameras at non-Knoxville campus locations, but rather accepting that you will comply with policies, procedures, and state law that apply here.
  • By completing the form, the Director or Department Head understands they are responsible for complying with all items in UTIA IT0303P – Security Camera Procedures.
  • If you already have cameras installed at your location, but have not followed the requirements in UTIA IT0303P – Security Camera Procedures, please make sure that you do this right away.

Ask Your CISO

• Is it okay to use ChatGPT?
  • This is a great and timely question.
  • As an IT person, I love it when anyone gets excited about a new technology.
  • As a CISO, I *REALLY* love it when someone asks a question like this prior to jumping right in.
  • ChatGPT has been in the news a bit lately, but not for the right reasons.
  • Some of the most recent news has been that ChatGPT has been found to plagiarize written works, as well as artwork.
  • ChatGPT has also been reported as spewing misinformation, such as conspiracy theories, based on the vast amount of misinformation found on the Internet.
  • In addition, ChatGPT has been found to often use racist and sexist language.
  • Because of these negative issues, ChatGPT is unreliable.
  • That said, I cannot agree with the use of ChatGPT or its other Artificial Intelligence (AI) competitors at this time.
  • I know that AI is touted as the future of technology, but I would like to see things settle down and become more sophisticated and reliable before educational institutions start using some of these AI tools being made available.
  • I can tell you that many other CISOs in higher education are in agreement.
  • In the meantime, here is a pretty good article on EDUCAUSE that talks about the good and bad sides of ChatGPT, but does not go so far as to endorse its use just yet.

Browser, OS, and Software Updates

• Microsoft
  • Microsoft has released updates to address multiple vulnerabilities in Microsoft software.
  • Exploitation of these vulnerabilities could allow an attacker to obtain sensitive information.
  • Updates are being automatically pushed to Institute-owned computers.
  • If you have recently clicked to have your computer restart later to finish these updates, please make sure you reboot right away to ensure all available updates have been applied.
• Adobe
  • Adobe has released security updates to address vulnerabilities in multiple products.
  • Please make sure you have applied all available updates for all Adobe products.
  • Exploitation of these vulnerabilities could allow an attacker to take control of an affected device.
  • Updates are being automatically pushed to Institute-owned computers.
  • If you have recently clicked to have your computer restart later to finish these updates, please make sure you reboot right away to ensure all available updates have been applied.

Thank you so much for all you do to protect the Institute and its data. I am here to help you, so please don’t hesitate to let me know if you have questions or concerns. Thank you always for your feedback!

Sandy