Topic: Forum and IDRS WWW access

One universal complaint expressed by members regarding the migration to Forum is the awkwardness of the login process to IDRS Forum and to IDRS WWW sites. The purpose of this message to explain the reasons for the login process.

IDRS Forum and IDRS WWW are two separate sites. IDRS Forum is serviced by a commercial server under the domain name of <doublereed.org> , and IDRS WWW is serviced by a university server under the domain name of <colorado.edu and idrs.org>.  Because of the two physical locations of the sites, IDRS Forum cannot use the same security system used by IDRS WWW without significant compromise to the existing IDRS WWW security system.

I can remove the initial access security to IDRS Forum, however, without this security, the Forum would be open to anyone, including potential spammers and cyber thieves. The first login provides a minimum level of security that, to an extent, prevents unwanted cyber stalkers to enter and abuse the Forum.

Security is/should be a major concern for all of who use the Internet. Personally, I do not give my email or personal information to ANY site. Also, I do not join ANY bulletin boards and lists until I research the organization and know for certain that the information that I input and provide will be secure and will not be abused by the provider. Both lists and bulleting boards are major generators of spam. AOL now prevents email from most lists and BBS service providers.

IDRS WWW requires the highest level of security, because IDRS uses the server to process membership that involves credit card transactions. IDRS WWW also maintains  databases of membership that contain personal information including names, addresses, phone numbers and email addresses of members. All of you must agree that there is the need for tight security of a server of this nature.

Many universities, including the University of Colorado and most corporations have converted from an open Internet infrastructure to a closed system. I must use a special secure account (VPN) to login to the University Internet system (Intranet). Some corporate government Intranet allow access to and from specified sites only, and prevent access to non-essential services (in their mind), such as streaming videos and podcasts.

I know that it is inconvenient to login twice, however, considering the benefits, and for the sake of the security of our members, I would like to keep the doors locked.

Yoshi Ishikawa
Professor of Bassoon, University of Colorado at Boulder, College of Music
Editor, IDRS OnLine Publications