Published by Tavion Hickerson
Modified over 2 years ago
© 2012 Boise State University

Slide 1: Information Security on the Front Lines
Created By OIT Information Security Services

Slide 2: Universities in the News!
- University of Idaho: 70,000 Donor Records
- University of Texas at Austin: 225,000 Student Records
- UCLA: 500,000 Student Records

Slide 3: University NOT in the News!
- Boise State University: Zero Lost Records So Far!
Go Broncos!

Slide 4: The Information We Keep
Students, Faculty, Staff, Donors, Contractors
- Financial Records
- Grades
- Credit Card Information
- Health Care Information
- Addresses
- Phone Numbers
- Insurance Records
- Social Security Numbers
All Protected By Law!

Slide 5: Alphabet Soup
Everybody Loves Acronyms!
- FERPA
- HIPAA
- PCI-DSS
- GLBA
- SOX
- Red Flag Alerts
- Idaho Code §

Slide 6: Alphabet Soup
PII: Personally Identifiable Information
This is the Key Acronym!

Slide 7: Alphabet Soup
FERPA: Family Educational Rights and Privacy Act
- Protects the privacy of students' educational records
Non-compliance?
- Loss of federal funding
- Fines
- Expose students to identity theft

Slide 8: Alphabet Soup
HIPAA: Health Information Portability and Accountability Act
- Protect confidentiality of health care information
- Protect workers' health insurance when changing jobs
- Standardize electronic health care data interchange
Non-compliance?
- Fines
- Expose students and employees to identity theft

Slide 9: Alphabet Soup
PCI-DSS: Payment Card Industry Data Security Standard
- Industry requirements for protecting customer payment account information
  - Established by consortium of the major payment card brands
Non-compliance?
- Increased fee$ for accepting credit card payments
- Mandatory PCI-DSS audits (paid for by Boise State)
- Identity Theft

Slide 10: Alphabet Soup
GLB: Gramm-Leach-Bliley Act of 1999
- Requires financial institutions to protect their customers' personally identifiable information
Non-compliance?
- Fines
- Exposure of students, families, and employees to identity theft

Slide 11: Alphabet Soup
SOX: Sarbanes-Oxley Act of 2002
- Requires all publicly held companies to submit an annual assessment of the effectiveness of their internal financial auditing controls to the Securities and Exchange Commission
- Officers of the companies must certify that they aren't cooking the books

Slide 12: Alphabet Soup
Red Flag Alerts: Fair and Accurate Credit Transactions Act
- Requires monitoring and alerting for suspicious transactions that could indicate identity theft or fraud
- Broad list of suspicious transactions

Slide 13: Alphabet Soup
Idaho Code §: Idaho's Identity Theft Law
- Requires reporting of security breaches which expose Personally Identifiable Information that can be used to obtain credit, apply for Driver's License, or apply for other forms of identification

Slide 14: Boise State Policies
- Information Technology Resource Use (BSU # 8000)
- Information Privacy and Security (BSU # 8060)
- Cash Handling (BSU # 6010)

Slide 15: Alphabet Soup -- TMI!!!
Or TMA -- too many acronyms!
What should I do?

Slide 16: Protect Constituent Data
- If you print it, go get it
- Shred it if you can
- Be sure you can release it
- If you aren't sure, check with your supervisor
- Lock it up!
- Don't leave sensitive information in the open
- That includes laptops and other mobile media
- Know What Boise State Policy Requires

Slide 17: Follow Information Security Best Practices
- Use strong passwords
- Change passwords often
- Use different passwords on different systems
- Never share your password

Slide 18: Follow Information Security Best Practices
- Password protect your screensaver
- Manually lock your screen whenever you leave your desk
- Store sensitive information on file servers
- Never open unsolicited from an unknown source or click on unfamiliar web addresses
- Be sure your computer and anti-virus software are up-to-date

Slide 19: Follow Information Security Best Practices
Know who to call
- "I think my computer is infected, what do I do?"
  Call the Help Desk at
- "I think I've lost the USB drive I used to take some sensitive files home to work on, what do I do?"
  Call the Information Security Office at

Slide 20: Information Security on the Front Lines
Incident Response Procedure