Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services

Similar presentations


Presentation on theme: "© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services"— Presentation transcript:

1 © 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services

2 © 2012 Boise State University2 Click for Next Slide! Universities in the News! University of Idaho 70,000 Donor Records University of Texas at Austin 225,000 Student Records UCLA 500,000 Student Records

3 © 2012 Boise State University3 Click for Next Slide! University NOT in the News! Boise State University Zero Lost Records So Far! Go Broncos!

4 © 2012 Boise State University4 Click for Next Slide! The Information We Keep Students, Faculty, Staff, Donors, Contractors Financial Records Grades Credit Card Information Health Care Information Addresses Phone Numbers Insurance Records Social Security Numbers All Protected By Law!

5 © 2012 Boise State University5 Click for Next Slide! Alphabet Soup Everybody Loves Acronyms! FERPA HIPAA PCI-DSS GLBA SOX Red Flag Alerts Idaho Code §

6 © 2012 Boise State University6 Click for Next Slide! Alphabet Soup PII P ersonally I dentifiable I nformation This is the Key Acronym!

7 © 2012 Boise State University7 Click for Next Slide! Alphabet Soup FERPA F amily E ducational R ights and P rivacy A ct Protects the privacy of students educational records Non-compliance? Loss of federal funding Fines Expose students to identity theft

8 © 2012 Boise State University8 Click for Next Slide! Alphabet Soup HIPAA H ealth I nformation P ortability and A ccountability A ct Protect confidentiality of health care information Protect workers health insurance when changing jobs Standardize electronic health care data interchange Non-compliance? Fines Expose students and employees to identity theft

9 © 2012 Boise State University9 Click for Next Slide! Alphabet Soup PCI-DSS P ayment C ard I ndustry D ata S ecurity S tandard Industry requirements for protecting customer payment account information – Established by consortium of the major payment card brands Non-Compliance? Increased fee$ for accepting credit card payments Mandatory PCI-DSS audits (paid for by Boise State) Identity Theft

10 © 2012 Boise State University10 Click for Next Slide! Alphabet Soup GLB G raham- L eech- B liley A ct of 1999 Requires financial institutions to protect their customers personally identifiable information Non-Compliance? Fines Exposure of students, families, and employees to identity theft

11 © 2012 Boise State University11 Click for Next Slide! Alphabet Soup SOX S arbanes- OX ley Act of 2002 Requires all publicly held companies to submit an annual assessment of the effectiveness of their internal financial auditing controls to the Securities and Exchange Commission Officers of the companies must certify that they arent cooking the books

12 © 2012 Boise State University12 Click for Next Slide! Alphabet Soup Red Flag Alerts Fair and Accurate Credit Transactions Act Requires monitoring and alerting for suspicious transactions that could indicate identity theft or fraud Broad list of suspicious transactions

13 © 2012 Boise State University13 Click for Next Slide! Alphabet Soup Idaho Code § Idahos Identity Theft Law Requires reporting of security breaches which expose Personally Identifiable Information that can be used to obtain credit, apply for Drivers License, or apply for other forms of identification

14 © 2012 Boise State University14 Click for Next Slide! Boise State Policies Information Technology Resource Use (BSU # 8000) Information Privacy and Security (BSU # 8060) Cash Handling (BSU # 6010)

15 © 2012 Boise State University15 Click for Next Slide! Alphabet Soup - - TMI !!! Or TMA -- too many acronyms! What should I do?

16 © 2012 Boise State University16 Click for Next Slide! Protect Constituent Data If you print itgo get it Shred it if you can Be sure you can release it If you arent sure, check with your supervisor Lock it up! Dont leave sensitive information in the open That includes laptops and other mobile media Know What Boise State Policy Requires

17 © 2012 Boise State University17 Click for Next Slide! Follow Information Security Best Practices Use strong passwords Change passwords often Use different passwords on different systems Never share your password

18 © 2012 Boise State University18 Click for Next Slide! Follow Information Security Best Practices Password protect your screensaver Manually lock your screen whenever you leave your desk Store sensitive information on file servers Never open unsolicited from an unknown source or click on unfamiliar web addresses Be sure your computer and anti-virus software are up-to- date

19 © 2012 Boise State University19 Click for Next Slide! Follow Information Security Best Practices Know who to call I think my computer is infected, what do I do? Call the Help Desk at I think Ive lost the USB drive I used to take some sensitive files home to work on, what do I do? Call the Information Security Office at

20 © 2012 Boise State University20 Click for Next Slide! Information Security on the Front Lines Incident Response Procedure


Download ppt "© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services"

Similar presentations


Ads by Google