Presentation on theme: "Secure Transit & Storage HOW TO SECURELY STORE & SEND CONFIDENTIAL DATA by The UTHSC Information Security Team."— Presentation transcript:
Secure Transit & Storage HOW TO SECURELY STORE & SEND CONFIDENTIAL DATA by The UTHSC Information Security Team
Current Challenges Certain data files require large amounts of storage Having multiple copies and secure backups in the event data or file is lost or corrupted Securing files and data but also making those files easily accessible Share and send confidential data securely
Confidential Data & Information Unique Identifiers Examples Name & Email Addresses Address and Phone/Fax Number SSNs Identifying Photography Account, certificate, and license numbers Vehicle identifiers and serial numbers, including license plate numbers Device identifiers and serial numbers URLs and IP Addresses Applies to ALL applicable Federal, State, Local laws and regulations related to safeguarding confidential data and information.
What To Do Protect confidential data or information. Recognizing the unique identifiers. Refrain from texting confidential data/information. Use trusted and authorized email systems to send and receive confidential data and information. There are a number of email systems you do not want to use including Gmail, Yahoo, AOL, and other unauthorized email systems. Keep confidential data contained. Try to refrain from forwarding emails.
What’s the Potential Harm? Breaches of data security can result in Damage to reputation Disruption of operations Legal liability under new and amended laws, regulations, and guidelines, as well as under contracts Financial costs
Xythos Storage & Secure File Sharing Xythos is content management software that allows you to place files in a central location so they can be accessed via the internet. You can upload, access, and share files from anywhere with any computer that is connected to the internet. With a Xythos account you can share your files and folders with anyone at UTHSC or outside of the college. Xythos offers: An alternative secure way of sharing files without the use of e-mail attachments Ease of access from anywhere A browser-based, OS-Independent web interface Flexible, user defined shares to anyone on and off campus Secure file transfers https://academic.uthsc.edu/edtech/xythos/
SharePoint Online (O365) Storage & Secure File Sharing Cloud-based collaboration; all the functionality of our existing SharePoint server plus more Cloud-based collaboration; all the functionality of our existing SharePoint server plus more Retirement of the on-premise SharePoint server will be considered after the Office 365 Education implementation. All existing SharePoint data will be retained. Rollout: Fall 2015 http://www.uthsc.edu/its/pmo/projects/index.php
Encrypted Cloud EnCrypted Cloud is an encryption and sharing mechanism. Protect and share your files in seconds from your existing cloud provider on any device. Track & control access to your files even after you’ve hit Send. Connect with current cloud drives like Dropbox, GoogleDrive, OneDrive, and Box. Contact the UTHSC Information Security Team if you or your department is interested in trying Encrypted Cloud. https://www.encryptedcloud.com/
Exchange (O365) Migration to cloud-based email server (no changes to Outlook); increase in quota from 1GB to 25GB Encrypted Email Rollout: Fall 2015 http://www.uthsc.edu/its/pmo/projects/index.php
UT Courier Secure Email (UT Vault) Transmit confidential data and information with UT and non-UT personnel UT Users Max file size: 1.5GB Cumulative Storage: 10GB Number of messages allowed to be sent: 50/hr Number of messages a single address can receive: 50/hr Non-UT Users Max file size: 1.5GB Cumulative Storage: 3GB Number of messages allowed to be sent: 3/hr Number of messages a single address can receive: 2/hr https://vault.utk.edu/ http://help.utk.edu/kb/index2.php?searchfor=UT+Vault&func=search
Computer and Laptops Full Disk Encryption (FDE) Trend Micro Minimizes impact in case of data theft and accidental data loss along with information security violations, reputation damage, and revenue loss. In the event a device is lost or stolen, full disk encryption ensures your data is unreadable. Rollout: Fall 2015 http://www.uthsc.edu/its/pmo/projects/index.php
iPads and Tablets Passcode Download and Install all Office365 Apps from Microsoft, Inc. using your UTHSC credentials (Rollout: 2015-2016 Fiscal Year) Tablets (android devices) Native Encryption within settings
iPhones & Androids Passcode Download and Install all Office365 Apps from Microsoft, Inc. using your UTHSC credentials (Fall 2015) Tablets (android devices) Native Encryption within settings
Encrypted USB Encrypted and Authorized USB or Jumpdrives are suitable for transit of confidential data and information Individuals MUST take necessary precautions in safekeeping the USB
Summary Learn to recognize unique identifiers. NEVER text confidential data or information. Use ONLY secure and authorized systems to store and transfer confidential data and information. THINK before you send or store. If you are in doubt, contact Information Security.
UTHSC Information Security Team L. Kevin Watson email@example.com (901) 448-7010 Frank Davison firstname.lastname@example.org (901) 448-1260 Jessica McMorris email@example.com (901) 448-1579 Ammar firstname.lastname@example.org (901) 448-2163 Information Security Email: email@example.com@uthsc.edu Website: security.uthsc.edusecurity.uthsc.edu To report phishing and spam email forward it to firstname.lastname@example.org@uthsc.edu