We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byMolly Muriel
Modified over 2 years ago
© 2012 Boise State University1 Click for Next Slide! Information Security for Faculty and Researchers Created By OIT Information Security Services
© 2012 Boise State University2 Click for Next Slide! Information Security for Faculty & Researchers Role of Information Security Office State and Federal Law Boise State Policy Definitions: Personal Data Institutional Data Public Data Intellectual Property Research Data Copyrighted Materials Confidential Information Best Practices for Protecting Information
© 2012 Boise State University3 Click for Next Slide! State and Federal Law Alphabet Soup... FERPA HIPAA PCI-DSS GLBA SOX Red Flag Alerts DMCA Idaho Code § §28-51-
© 2012 Boise State University4 Click for Next Slide!... And Boise State Policy Information Technology Resource Use (8000) Information Privacy and Security (8060) University Records and Archives (1020) Non Discrimination and Anti-Harassment (1060)
© 2012 Boise State University5 Click for Next Slide! Personal Data Your own sensitive information stored on MyBoisestate, Broncomail or in your office Name Address Social Security Number Banking Information Insurance Information Family Information
© 2012 Boise State University6 Click for Next Slide! Institutional Data Any data that is subject to state or federal regulation, data that is required to be protected by contractual obligation, as well as all data created, collected, maintained, recorded or managed by the university, its staff, and agents working on its behalf. It includes data used for planning, managing, operating, controlling, or auditing university functions; especially data used by multiple university units; and data used for university reporting. University data also includes research data that contains personally-identifiable subject information, or proprietary university information and trade secrets From: Boise State Data Classification StandardBoise State Data Classification Standard
© 2012 Boise State University7 Click for Next Slide! Public Data Information that is available through open records requests While public information is generally available for viewing by the public, certain rules and conventions apply about how and when the information may be viewed.
© 2012 Boise State University8 Click for Next Slide! Intellectual Property Information developed through non-sponsored research: May be stored in computers, on media, in printed form, etc. May be copyrightable May generate income May be subject to laws and/or policies Intellectual Property Policy (1090)
© 2012 Boise State University9 Click for Next Slide! Research Data Information developed through sponsored research: All the characteristics of non-sponsored research, plus... May be subject to contractual obligations
© 2012 Boise State University10 Click for Next Slide! Copyrighted Materials Applies to printed material as well as audio, video, images and other media Copying or duplicating without permission may have serious legal and/or financial consequences Be aware of peer-to-peer file sharing enabled on your computer
© 2012 Boise State University11 Click for Next Slide! Confidential Data Students, Faculty, Staff, Donors, Contractors Financial Records Grades Credit Card Information Health Care Information Addresses Phone Numbers Insurance Records Social Security Numbers Protected By Law!
© 2012 Boise State University12 Click for Next Slide! Best Practices More Alphabet Soup PII P ersonally I dentifiable I nformation This is the Key Acronym!
© 2012 Boise State University13 Click for Next Slide! Best Practices Safeguard The Information on Your Computer And In Your Office Your Personal Information Student Information Your Research
© 2012 Boise State University14 Click for Next Slide! Best Practices How Can Data be Lost? Laptop or other data storage system stolen from car, lab, or office. Research Assistant accesses system after leaving research project because passwords aren't changed. Unauthorized visitor walks into unlocked lab or office and steals equipment or accesses unsecured computer. Unsecured application on a networked computer is hacked and data stolen.
© 2012 Boise State University15 Click for Next Slide! Best Practices What is the result of lost data? Loss of personal use of a computer Loss of funding Fines Bad Publicity Expose students, staff, contractors, donors to identity theft
© 2012 Boise State University16 Click for Next Slide! Best Practices Protecting Information If you print itgo get it right away Lock up sensitive informationincluding laptops Store sensitive information on file servers Consider whether you really need to store it Shred it if you can Data Retention Standards
© 2012 Boise State University17 Click for Next Slide! Best Practices Protecting Information Use strong passwords Change passwords often Use different passwords on different systems Never share your password Password protect your screensaver Manually lock your screen whenever you leave your desk
© 2012 Boise State University18 Click for Next Slide! Best Practices Protecting Information Be sure your computers operating system and anti-virus software are up-to-date Never open unsolicited from an unknown source or click on unfamiliar web addresses Follow computer salvage proceduresfor disks, too!
© 2012 Boise State University19 Click for Next Slide! Universities in the News! University of Idaho 70,000 Donor Records University of Texas at Austin 225,000 Student Records UCLA 500,000 Student Records
© 2012 Boise State University20 Click for Next Slide! Idaho in the Cybersecurity News But not in a good way! August Idaho Army National Guard A small computer drive containing Social Security numbers and other personal information about every Army National Guard soldier in Idaho has been stolen. 3,400 records Mar. 10, 2007 University of Idaho A data file posted to the school's Web site contained personal information including names, birthdates and Social Security numbers of University employees. 2,700 records Dec. 7, 2005 Idaho State University, Office of Institutional Research ISU discovered a security breach in a server containing archival information about students, faculty, and staff, including names, SSNs, birthdates, and grades. Unknown number of records
© 2012 Boise State University21 Click for Next Slide! University NOT in the News! Boise State University Zero Lost Records So Far! Go Broncos!
© 2012 Boise State University22 Click for Next Slide! What To Do! Know who to call! I think my computer is infected, what do I do? Call the Help Desk I think I lost the USB drive I used to take some sensitive files home to work on, what do I do? Call the Information Security Office
© 2012 Boise State University23 Click for Next Slide! Information Security for Faculty & Researchers Information Security Services Website With links to laws and recommendations for protecting information
© 2012 Boise State University1 Information Security for Your Office Created By OIT Information Security Services
© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services
1 Data Handling at Purdue. Section I The Importance of Data Security (slides 4 – 5) Laws and Policies (Slides 7 – 18) - Federal - State - Purdue Section.
Awareness - Protecting our Data Personally Identifiable Information (PII)
1 Gramm-Leach-Bliley Act (GLBA) Implementation of the Safeguards Rule Information Security Program University of Minnesota (Adapted from the Federal Trade.
Mount Auburn Hospital Information Security Awareness Training How to protect electronic information at work and at home.
Company LOGO Data Protection Fundamentals Sensitisation MQA By : Mrs. Pravina DODAH Mr. Hemrajsingh BHUGOWON Date : 09 Nov 2012.
Privacy and Information Security Training ( ) Privacy and Information Security Training Vanderbilt University Medical Center Information.
University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
UNIVERSITY OF ALABAMA V HIPAA Privacy and Security Training For Employees Compliance is Everyones Job 1 INTERNAL USE ONLY For UA Health Care Components,
Personal Information Security Workshop Williams College Office for Information Technology (OIT) Winter 2010.
Identity Theft Deter, Detect, and Defend At Home & At Work.
Personal Accountability for Data Stewardship 1 st Year Medical Students – October 18, nd Year Medical Students – October 9, 2012 Noella RawlingsRichard.
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
How to protect your laptop, smartphone & other mobile devices CYBER SECURITY ON THE GO TCU Information Security Services.
Personal Information Security and Malware Awareness Workshop Bard College at Simons Rock Information Technology Services (ITS) Summer 2012 (Please sign.
SECURITY AWARENESS. The Importance of Security Awareness Training Security Awareness Training provides the knowledge to protect information systems and.
Virginia Department for Aging and Rehabilitative Services.
University Services. Agenda Technology Support Data Privacy and Security Software and Hardware Discounts for U of M Staff.
HIPAA Security Awareness What You Need To Know. Training Overview This course will discuss the following subject areas: How this training relates to you.
1 Information Security Awareness Training: Good Computing Practices for Confidential Electronic Information Information Security Training for all Workforce.
Slide 1 Information Protection Policies Training for MGH/MGPO Protecting Our Patients Privacy is EVERYONES responsibility Massachusetts General Hospital.
Welcome to the SPH Information Security Learning Module.
Ross Hughes | Dec U.S. Department of Education 2013 FSA Training Conference for Financial Aid Professionals Detecting, Protecting, Preventing, and.
Breach vs. Incident – a Guided Discussion Sharon Blanton, PhD Craig Schiller, CISSP-ISSMP, ISSAP Chief Information Officer Chief Information Security Officer.
Learning Module #2 HIPAA and Compliance For Clinical Students and Instructors FVHCA Member Clinical Sites Reviewed
Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall 14-1 MANAGING INFORMATION TECHNOLOGY 7 th EDITION CHAPTER 14 INFORMATION SECURITY.
1 PCI Compliance Training University of Nevada, Reno Presented by The Controllers Office.
Leon County Schools Teacher Website Guidelines Teachers of the LCS School District are invited to create websites which reflect the professional image.
1 HIPAA Privacy Standards Health Insurance Portability and Accountability Act – HIPAA Privacy Standards Healthcare Provider Training Module Copyright 2003.
© 2016 SlidePlayer.com Inc. All rights reserved.