Presentation is loading. Please wait.

Presentation is loading. Please wait.

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, 2014 1IT Security, East Carolina University.

Similar presentations


Presentation on theme: "Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, 2014 1IT Security, East Carolina University."— Presentation transcript:

1 Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, IT Security, East Carolina University

2 Enabling your information systems to provide the services required to meet your instructional and research goals, while protecting the critical information entrusted to you 2IT Security, East Carolina University

3 It is ok to share my login and password with my supervisor in order access my data when Im out of the office. It is ok to access my ECU on my smartphone even though I dont have a password. Should I inform the Helpdesk if I lose my personal smartphone? I love my IPAD to access ECU ! Since my ECU has a password, its not important to have a pw on my IPAD. If others school use a PCI compliant solution, I dont need to get approval to use the same solution. 3IT Security, East Carolina University

4 Use strong passwords and do not share them with ANYONE Lock your computer (Ctrl-Alt-Del) when not in use Lock office doors, drawers, and cabinets where sensitive information is stored Never leave your laptop unattended in public Encrypt all portable devices 4IT Security, East Carolina University

5 Consider consequences of downloading data from the ECU administrative systems (Banner, Blackboard, Electronic Health Record (EHR), etc. Do not download ECU sensitive data (e.g. financial, student, patient, legal, HR) to unencrypted local devices (desktop computer, laptop, flash drive, smartphone, web pages, CLOUD, etc.) 5IT Security, East Carolina University

6 Password protect your smartphone Be cognizant that s on a lost smartphone can be accessible to anyone who finds it Report to the helpdesk lost or stolen smartphone containing ECU data (inclusive of ) 6IT Security, East Carolina University

7 Use Pirate Drive, or ITCS supported servers if you must download or store sensitive data Ensure you are aware of the compliance requirements for protecting your data (e.g. PCI, UNC- FIT, GLBA, FERPA, HIPAA, Legal, etc.) 7IT Security, East Carolina University

8 Encrypt sensitive data (e.g. student, patient, legal, HR) in storage and transmission (via , file transfer to other agencies, portable devices, etc.) Physically secure both electronic and paper files Do not store backup copies of sensitive information on unencrypted storage devices (e. g. flash drives, CDs, home PC, etc.) 8IT Security, East Carolina University

9 Limit the services or tasks performed on your computer that are used to enter or processed sensitive data (e.g. web surfing, downloading free apps, Facetime) If working from home, store your data on Pirate Drive and access through the virtual private network (VPN)- (data in one secure location and backed up daily) If you have a laptop or ECU issued computer to work from home, use it rather than the family computer 9IT Security, East Carolina University

10 Ensure all data are appropriately destroyed when no longer needed Address non-compliance of others in your department Encourage Awareness Training for all 10IT Security, East Carolina University

11 Updating Information Security Policies, Standards and Best Practices Server Administrators Security Best Practices Best Practices for Other Areas Educational and Awareness Training Program Exploring Information Security Subject Matter Experts (SME) IT Staffing Plan to Address IT Purchase Review 11IT Security, East Carolina University

12 Requiring Pin for Smartphone Outlook Access Flagging Sensitive Data Transmitted External to ECU Sensitive Data Scanner to find sensitive data Mobile Device Management for Smartphone Network Access Control for enhanced security Log Management for audit logs Internal Dropbox solution 12IT Security, East Carolina University

13 ITCS IT Security Pirate Drive ITCS Assistance and Consultation 13IT Security, East Carolina University


Download ppt "Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, 2014 1IT Security, East Carolina University."

Similar presentations


Ads by Google