ESCCO Data Security Training David Dixon September 2014
What is data security? For our purposes data security simply means keeping information safely in your possession or in the hands of a trusted recipient
When do I need to think about it? You need to think about data security whenever you are accessing, saving, or ing data
Are there legal requirements we have to follow? “FERPA” Family Educational Rights and Privacy Act of 1974 “HIPAA” Health Insurance Portability and Accountability Act of 1996
Is this going to get really complicated? The technical aspects of this topic can be highly complex However, basic awareness and a few simple guidelines can make your data less vulnerable
RED FLAGS! Social Security Numbers Student Disability Information Student Test Scores Purchasing Card Numbers Discipline Data Any information that you would not want to share publicly
Accessing Information DOs Create passwords including upper and lowercase letters, numbers, and symbols when possible GOOD3xamp!e $h0CA$E Change passwords periodically Use different passwords for each account DON’Ts Don’t access agency information from either a public computer or public network (e.g. library or coffee shop) Don’t share or store your usernames or passwords where others can access them The ESC will never contact you to confirm your user name and password
Accessing Information Continued Trouble remembering all those passwords? –If you cannot remember your passwords, then consider using a password management tool
Saving Files DOs Only save sensitive files on your ESC issued computer DON’Ts Don’t save sensitive files on a public computer, home computer, or mobile device (e.g. library computer or cell phone) Don’t save sensitive files on a thumb drive/flash drive
Sending Files Securely When To Encrypt When in doubt, encrypt your attachments Any time you send sensitive information to a address encrypt it When practical, avoid sending sensitive information
Sending Files Continued How To Encrypt Encrypting files using Zip Mail is as easy as typing a password when attaching a file Only information within the attachment is encrypted; the message is not secure Do not include the password in the same as the attachment
Tips for Mobile DOs Protect your laptop, phone, or tablet (iPad) with a password Store your mobile device in a safe (locked) location Check to make sure you only connect to secure wireless networks (password required) File a police report and contact your supervisor and the Help Desk immediately if you believe your device has been stolen
Tips for Mobile Continued DON’Ts Don’t store your mobile device in your car Don’t leave your mobile device unattended in a public place such as a coffee shop or conference center Don’t connect your agency issued mobile device to unsecured wireless networks (no password required)
Online Behavior Do not share student or staff information over ListServs, discussion boards, or social media websites (e.g. facebook or twitter) Keep in mind that we all have a “digital footprint” documenting almost everything we do, say, and post online (or that someone else posts about us)
General Tips 1)Be wary of suspicious s or text messages when in doubt, delete! 2)Never store agency information online (“on the cloud”) unless specifically directed to by the ESC 3)Never share personally identifiable information with someone who you don’t know and trust 4)Be sure to lock or logoff from computers and mobile devices when not in use If you need assistance resetting passwords or encrypting files please contact the Technology Help Desk at or
THANK YOU!