Presentation is loading. Please wait.

Presentation is loading. Please wait.

J. Rick Mihalevich Dean of Information Technology Linn State Technical College 573.897.5129 June 18, 2009.

Published byKelley O’Brien’ Modified over 8 years ago

Similar presentations

Presentation on theme: "J. Rick Mihalevich Dean of Information Technology Linn State Technical College 573.897.5129 June 18, 2009."— Presentation transcript:

1 J. Rick Mihalevich Dean of Information Technology Linn State Technical College rick.mihalevich@linnstate.edu 573.897.5129 June 18, 2009

2  Provide awareness of the need  Provide awareness of the major laws that impact public entities  Provide information on best practices, technology, and trends  Provide resources for further information

3 Security Concerns and Public Entities  Open  Accessible  Transparent  Accountable

4 Linn State Technical College Security Infrastructure  LSTC currently utilizes XXXXXX to provide data XXXXXX processes which impacts approximately XXXXXX blocked attacks daily.  XXXXXXX manages a XXXX XXXX router at the gateway  LSTC utilizes XXXXXX Firewall  The DMZ is attached to a XXXXXXX appliance.  All packets are inspected by XXXXXX and XXXX security software is used to protect against XXXXXX attacks.

5  2006 26.5 million veterans was compromised when a laptop was stolen  2007 Inspector General for Tax Administration found 490 laptops containing sensitive taxpayer data had been lost or stolen  2006 Employee information at the department of agriculture was compromised by unauthorized access Examples of Compromised Data

6  FERPA: Family educational rights and privacy act  HIPAA: Health insurance portability and accountability act  GLB: Gramm-Leach-Bliley Act  The Privacy Act  E-government Act  FISMA: The Federal Information Security Management act

7  Conclusion #1: LSTC Infrastructure ◦ Security by Obscurity  Conclusion #2: Examples of Compromised Data ◦ Employees may pose the greatest risk  Conclusion #3: Public Laws ◦ Balance between openness and security  Public Trust  Restricting access, in the name of security is no vise

8

9  Pass Phrase  Thumb drive encryption  Encryption of laptops  Virtual Private Networks (VPN’s)  Touchpad security  Effective patch management

10  Security officer  Security by Obscurity  Not using SSN  Training and awareness  Change passwords frequently (Strong)  Don’t click on e-mail links

11

12  www.cybersecurity.mo.gov www.cybersecurity.mo.gov  www.msisac.org www.msisac.org  Department of Homeland Security  National Governors Association Center for Best Practices  National Association of Chief Information Officers  Governmental Accountability Office

13

14

15

16

17

18  Principles of openness, accuracy, transparency and accountability  How would you like your personal information handled  fairly and lawfully process it  process it only for limited, specifically stated purposes  use the information in a way that is adequate, relevant and not excessive  use the information accurately  keep the information on file no longer than absolutely necessary  process the information in accordance with your legal rights  keep the information secure  never transfer the information outside

19  ethnic background  political opinions  religious beliefs  health  sexual life  criminal history

Download ppt "J. Rick Mihalevich Dean of Information Technology Linn State Technical College 573.897.5129 June 18, 2009."

Similar presentations

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, 2014 1IT Security, East Carolina University.

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, IT Security, East Carolina University.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.

Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.
Amber LaFountain Project Archivist - Private Practices, Public Health Center for the History of Medicine Francis A. Countway Library of Medicine Harvard.

Amber LaFountain Project Archivist - Private Practices, Public Health Center for the History of Medicine Francis A. Countway Library of Medicine Harvard.
Springfield Technical Community College Security Awareness Training.

Springfield Technical Community College Security Awareness Training.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
The Privacy Office U.S. Department of Homeland Security Washington, DC 20528 t: 703-235-0780; f: 703-235-0442 Safeguarding.

The Privacy Office U.S. Department of Homeland Security Washington, DC t: ; f: Safeguarding.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
HIPAA Security Standards What’s happening in your office?

HIPAA Security Standards What’s happening in your office?
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Data Security At Cornell Steve Schuster. Questions I’d like to Answer ► Why do we care about data security? ► What are our biggest challenges at Cornell?

Data Security At Cornell Steve Schuster. Questions I’d like to Answer ► Why do we care about data security? ► What are our biggest challenges at Cornell?
Information Technology for the Health Professions, 2/e By Lillian Burke and Barbara Weill ©2005 Pearson Education, Inc. Pearson Prentice Hall Upper Saddle.

Information Technology for the Health Professions, 2/e By Lillian Burke and Barbara Weill ©2005 Pearson Education, Inc. Pearson Prentice Hall Upper Saddle.
New Faculty Orientation to Privacy and Security at UF Susan Blair, Chief Privacy Officer Kathy Bergsma, Information Security.

New Faculty Orientation to Privacy and Security at UF Susan Blair, Chief Privacy Officer Kathy Bergsma, Information Security.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Controls for Information Security

Controls for Information Security
Data Protection Overview

Data Protection Overview
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.

Similar presentations

Ads by Google