Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services

Published byTavion Hickerson Modified over 10 years ago

Similar presentations

Presentation on theme: "© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services"— Presentation transcript:

1 © 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services http://oit.boisestate.edu/security/

2 © 2012 Boise State University2 Click for Next Slide! Universities in the News! University of Idaho 70,000 Donor Records University of Texas at Austin 225,000 Student Records UCLA 500,000 Student Records

3 © 2012 Boise State University3 Click for Next Slide! University NOT in the News! Boise State University Zero Lost Records So Far! Go Broncos!

4 © 2012 Boise State University4 Click for Next Slide! The Information We Keep Students, Faculty, Staff, Donors, Contractors Financial Records Grades Credit Card Information Health Care Information Addresses Phone Numbers Insurance Records Social Security Numbers All Protected By Law!

5 © 2012 Boise State University5 Click for Next Slide! Alphabet Soup Everybody Loves Acronyms! FERPA HIPAA PCI-DSS GLBA SOX Red Flag Alerts Idaho Code §28-51-105

6 © 2012 Boise State University6 Click for Next Slide! Alphabet Soup PII P ersonally I dentifiable I nformation This is the Key Acronym!

7 © 2012 Boise State University7 Click for Next Slide! Alphabet Soup FERPA F amily E ducational R ights and P rivacy A ct Protects the privacy of students educational records Non-compliance? Loss of federal funding Fines Expose students to identity theft

8 © 2012 Boise State University8 Click for Next Slide! Alphabet Soup HIPAA H ealth I nformation P ortability and A ccountability A ct Protect confidentiality of health care information Protect workers health insurance when changing jobs Standardize electronic health care data interchange Non-compliance? Fines Expose students and employees to identity theft

9 © 2012 Boise State University9 Click for Next Slide! Alphabet Soup PCI-DSS P ayment C ard I ndustry D ata S ecurity S tandard Industry requirements for protecting customer payment account information – Established by consortium of the major payment card brands Non-Compliance? Increased fee$ for accepting credit card payments Mandatory PCI-DSS audits (paid for by Boise State) Identity Theft

10 © 2012 Boise State University10 Click for Next Slide! Alphabet Soup GLB G raham- L eech- B liley A ct of 1999 Requires financial institutions to protect their customers personally identifiable information Non-Compliance? Fines Exposure of students, families, and employees to identity theft

11 © 2012 Boise State University11 Click for Next Slide! Alphabet Soup SOX S arbanes- OX ley Act of 2002 Requires all publicly held companies to submit an annual assessment of the effectiveness of their internal financial auditing controls to the Securities and Exchange Commission Officers of the companies must certify that they arent cooking the books

12 © 2012 Boise State University12 Click for Next Slide! Alphabet Soup Red Flag Alerts Fair and Accurate Credit Transactions Act Requires monitoring and alerting for suspicious transactions that could indicate identity theft or fraud Broad list of suspicious transactions

13 © 2012 Boise State University13 Click for Next Slide! Alphabet Soup Idaho Code §28-51-105 Idahos Identity Theft Law Requires reporting of security breaches which expose Personally Identifiable Information that can be used to obtain credit, apply for Drivers License, or apply for other forms of identification

14 © 2012 Boise State University14 Click for Next Slide! Boise State Policies Information Technology Resource Use (BSU # 8000) http://policy.boisestate.edu/wp-content/uploads/2011/05/8000_informationtechnologyresourceuse.pdf Information Privacy and Security (BSU # 8060) http://policy.boisestate.edu/wp-content/uploads/2011/05/8060_InformationPrivacySecurity.pdf Cash Handling (BSU # 6010) http://policy.boisestate.edu/wp-content/uploads/2011/05/6010_CashHandling.pdf

15 © 2012 Boise State University15 Click for Next Slide! Alphabet Soup - - TMI !!! Or TMA -- too many acronyms! What should I do?

16 © 2012 Boise State University16 Click for Next Slide! Protect Constituent Data If you print itgo get it Shred it if you can Be sure you can release it If you arent sure, check with your supervisor Lock it up! Dont leave sensitive information in the open That includes laptops and other mobile media Know What Boise State Policy Requires

17 © 2012 Boise State University17 Click for Next Slide! Follow Information Security Best Practices Use strong passwords Change passwords often Use different passwords on different systems Never share your password

18 © 2012 Boise State University18 Click for Next Slide! Follow Information Security Best Practices Password protect your screensaver Manually lock your screen whenever you leave your desk Store sensitive information on file servers Never open unsolicited email from an unknown source or click on unfamiliar web addresses Be sure your computer and anti-virus software are up-to- date

19 © 2012 Boise State University19 Click for Next Slide! Follow Information Security Best Practices Know who to call I think my computer is infected, what do I do? Call the Help Desk at 6- 4357 I think Ive lost the USB drive I used to take some sensitive files home to work on, what do I do? Call the Information Security Office at 6- 5501

20 © 2012 Boise State University20 Click for Next Slide! Information Security on the Front Lines Incident Response Procedure http://oit.boisestate.edu/security/it-security-policy-and-procedures/incresponseprocedure/

Download ppt "© 2012 Boise State University1 Click for Next Slide! Information Security on the Front Lines Created By OIT Information Security Services"

Similar presentations

IT Security Policy Framework

IT Security Policy Framework
Identity theft Protecting your credit identity. Identity Theft Three hundred forty three million was lost from consumers in 2002 The number of complaints.

Identity theft Protecting your credit identity. Identity Theft Three hundred forty three million was lost from consumers in 2002 The number of complaints.
© 2012 Boise State University1 Information Security for Your Office Created By OIT Information Security Services

© 2012 Boise State University1 Information Security for Your Office Created By OIT Information Security Services
© 2012 Boise State University1 Click for Next Slide! Information Security for Faculty and Researchers Created By OIT Information Security Services

© 2012 Boise State University1 Click for Next Slide! Information Security for Faculty and Researchers Created By OIT Information Security Services
Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Best PracticesUSCA Fall 2010: Baylor University3.

Best PracticesUSCA Fall 2010: Baylor University3.
University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
Red Flags Rule BAS Forum August 18, 2010. What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Red Flag Rules: What they are? & What you need to do

Red Flag Rules: What they are? & What you need to do
© Chery F. Kendrick & Kendrick Technical Services.

© Chery F. Kendrick & Kendrick Technical Services.
Identity Theft Prevention Program Red Flags Rules Fighting Fraud at Montana Tech.

Identity Theft Prevention Program Red Flags Rules Fighting Fraud at Montana Tech.
WORKFORCE CONFIDENTIALITY HIPAA Reminders. HIPAA 101 The Health Insurance Portability and Accountability Act (HIPAA) protects patient privacy. HIPAA is.

WORKFORCE CONFIDENTIALITY HIPAA Reminders. HIPAA 101 The Health Insurance Portability and Accountability Act (HIPAA) protects patient privacy. HIPAA is.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
 The Health Insurance Portability and Accountability Act of 1996.  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.

 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
Springfield Technical Community College Security Awareness Training.

Springfield Technical Community College Security Awareness Training.
Protecting Personal Information Guidance for Business.

Protecting Personal Information Guidance for Business.
Information Privacy and Compliance Training For All Brigham Young University– Idaho Employees.

Information Privacy and Compliance Training For All Brigham Young University– Idaho Employees.
FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.

FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.

Similar presentations

Ads by Google