FISSEA
Members' E-Mail List:
FISSEA Members' E-Mail
List: The NIST Computer Security Division is hosting the FISSEA membership e-mail
list in support of FISSEA and the federal IT security community. The list is
not moderated; any FISSEA member subscribed to the list can post a message directly
to the list. However, to help ensure that this service does not become a free-for-all
. . . an example of anarchism in action . . . we are asking for your help in
following the guidance in this note. For example, there is a correct way to
ask to be removed from the list, a way that does not result in every other member
on the list hearing a "get me off this list" request, and inflaming the entire
membership in the process. This issue is addressed in detail below.
Why A FISSEA
Membership List?:
Why a list? This list
will allow you to converse with other IT security professionals who have an
interest in awareness, training, and education issues. Any issue related to
federal IT security awareness, training, and education is fair game for this
list. It can be used to ask for help from the many veterans in FISSEA who have
experience designing, developing, implementing, and maintaining awareness and
training programs.
Why a list? Do you have
an awareness program, but need to develop a training course for a particular
audience? Chances are that some other FISSEA members have already developed
this for their agencies. Ask if anyone would send you their material, or an
outline, if you just need to get started. Are you considering hiring a contractor
to develop awareness or training material? Would you like input from people
who can recommend someone? Would you like to know what material is out there
for the taking? DISA (do you know who they are?), Department of Energy, and
other agencies have material you can download. I'm sure you will find other
reasons to use the list . . . just ask.
To Post
A Message To The FISSEA List:
To post a message to
the list, send it to:
fissea@nist.gov
The list is not moderated, in that
neither Peggy Himes nor I review each message before it is allowed to hit the
list.
Controls On The FISSEA
List:
Only people who have been subscribed
(added) to the list by Peggy or I can post messages to the list. The upside
is that we should not see spam from outside the list. The downside is that even
though you are a FISSEA list member, if you attempt to send a message to the
list from an address that is not on the list (e.g., your home account, a secondary
work account) the e-mail list server here at NIST will not allow your message
to be posted. For example, I am known to the FISSEA list as mark.wilson@nist.gov.
However, if my e-mail package knows me as mwilson@nist.gov and identifies outgoing
messages as such, this address will not be recognized by the FISSEA list. Make
sure that the address that your e-mail package assigns to your outgoing messages
is the same as the address you provided us when you joined FISSEA.
If you want to be able to send messages
to the list from an account other than the one you are using now, let Peggy
know. If you send a message to:
fisseamembership@nist.gov
To Unsubscribe From
The FISSEA List:
To get our attention to remove your
address from the list, send a message to:
fisseamembership@nist.gov
Do not send a message to the list
asking to be removed. The last time this occurred there were so many "get me
off this list" follow-up requests that we had to shut the list down for an extended
period of time until we sorted through all of these requests and updated the
subscriber list. Some of these requests were from members who were perfectly
content with the flurry of messages on the list that dealt with awareness, training,
and education, but were quickly disillusioned by the "get me off . . ." messages
sent to the entire membership.
Your List And Attached
Files:
Please do not send attached files
to the list. If, during the course of corresponding to fellow list members about
an awareness or training course or module that you have developed, someone asks
for it, send it to them, not to the list. If there is significant interest in
material that you are developing, we would encourage (beg) you to send it to
us (Peggy or me) and let us post it on our Awareness, Training, and Education
pages of our Computer Security Resource Center (CSRC) - http://csrc.nist.rip/ATE/.
If you send a file to the list, we will provide one reminder. If you send a
second file we will remove you from the list.
Your
List And Replying To A Message:
If you reply to a message from someone
on the list, your reply should go only to the sender, not to everyone on the
list. When you begin to reply, check the address that appears in the "To:" block
of your soon-to-be-outgoing message; make sure it is to the sender and not the
list. Keep in mind that the list has several hundred members. Determine before
you send your reply if your message would be of value to many of the list members,
or to just the sender to whom you are replying. If your e-mail package's default
is set to "reply to sender" (the entire FISSEA list) or "reply to all" please
change the default, or change the address that your mailer places in the "To:"
line to the individual who should receive your reply.
Your
List And "Me Too" Messages:
Please avoid sending "me too" agreement
messages to the list. If you would like a copy or follow-up information related
to something that a member has posted, send a message to that individual, not
to the entire membership.
Your
List And Advertisements:
Advertisements will not be posted
to the list. During the March 2002 FISSEA Conference business meeting, we discussed
the practice of posting advertisements to the list. Since May 2001, we have
posted ads to the list. However, we have noticed that the frequency of ads appearing
on the list has increased, while the frequency of messages that would inspire
an exchange of information - the purpose for the list - has decreased. Following
discussion during the 2002 Conference, the membership decided that ads should
not be posted to the list.
If a FISSEA member sends a message
to the list, asking for help in creating awareness or training material, vendors
on the list may reply, but must do so privately . . . not to the list.
Providers of awareness, training,
and education material and related services may have their company or school
listed on the NIST Computer Security Resource Center (CSRC) website, on the
appropriate awareness, training, education (ATE), and professional development
page(s). If your business or school is not already listed in the ATE pages on
CSRC, let me know. The ATE pages are at:
http://csrc.nist.rip/ATE
Within reason, we will mention upcoming
events on CSRC's Events page, which can be found at:
http://csrc.nist.rip/events/
One Last Word On Advertisements:
If you reply to a query sent to the
list (asking for sources of training or material, for example), ensure that
your reply is not a thinly veiled ad. One way to avoid this possibility is by
replying directly to the individual who is asking for assistance, not to the
entire membership. If you send such an ad to the list, you will hear from us.
A second occurrence will result in removal of your e-mail address from the FISSEA
e-mail list. (You would continue to be a FISSEA member, but would not be on
the membership's e-mail list.)
Thanks, and enjoy your list. Please
contact me if you have any questions or concerns.
Mark Wilson
NIST/FISSEA Liaison
(301) 975-3870
mark.wilson@nist.gov
(last updated on March 12, 2002)
|