Date post: | 28-Dec-2015 |
Category: |
Documents |
Upload: | victor-powers |
View: | 213 times |
Download: | 0 times |
ESCCOData Security
TrainingDavid Dixon
September 2014
What is data security?
• For our purposes data security simply means keeping information safely in your possession or in the hands of a trusted recipient
When do I need to think about it?
• You need to think about data security whenever you are accessing, saving, or emailing data
Are there legal requirements we have to follow?
“FERPA” Family Educational Rights and Privacy Act of 1974
“HIPAA” Health Insurance Portability and Accountability Act of 1996
Is this going to get really complicated?
• The technical aspects of this topic can be highly complex
• However, basic awareness and a few simple guidelines can make your data less vulnerable
RED FLAGS!
• Social Security Numbers• Student Disability Information• Student Test Scores• Purchasing Card Numbers• Discipline Data
Any information that you would not want to share publicly
Accessing Information
DOs• Create passwords including upper and lowercase letters, numbers, and
symbols when possible GOOD3xamp!e $h0CA$E
• Change passwords periodically• Use different passwords for each account
DON’Ts• Don’t access agency information from either a public computer or public
network (e.g. library or coffee shop) • Don’t share or store your usernames or passwords where others can
access them• The ESC will never contact you to confirm your user name and password
Accessing Information Continued
• Trouble remembering all those passwords?– If you cannot remember your passwords, then
consider using a password management tool
Saving Files
DOs• Only save sensitive files on your ESC issued
computer
DON’Ts• Don’t save sensitive files on a public computer,
home computer, or mobile device (e.g. library computer or cell phone)
• Don’t save sensitive files on a thumb drive/flash drive
Sending Files Securely
When To Encrypt• When in doubt, encrypt your email
attachments• Any time you send sensitive information to
a [email protected] email address encrypt it
• When practical, avoid sending sensitive information
Sending Files Continued
How To Encrypt• Encrypting files using Zip Mail is as easy
as typing a password when attaching a file• Only information within the attachment is
encrypted; the email message is not secure
• Do not include the password in the same email as the attachment
Tips for Mobile
DOs• Protect your laptop, phone, or tablet (iPad) with
a password• Store your mobile device in a safe (locked)
location• Check to make sure you only connect to
secure wireless networks (password required)• File a police report and contact your supervisor
and the Help Desk immediately if you believe your device has been stolen
Tips for Mobile Continued
DON’Ts• Don’t store your mobile device in your car• Don’t leave your mobile device unattended
in a public place such as a coffee shop or conference center
• Don’t connect your agency issued mobile device to unsecured wireless networks (no password required)
Online Behavior
• Do not share student or staff information over ListServs, discussion boards, or social media websites (e.g. facebook or twitter)
• Keep in mind that we all have a “digital footprint” documenting almost everything we do, say, and post online (or that someone else posts about us)
General Tips
1) Be wary of suspicious emails or text messages when in doubt, delete!
2) Never store agency information online (“on the cloud”) unless specifically directed to by the ESC
3) Never share personally identifiable information with someone who you don’t know and trust
4) Be sure to lock or logoff from computers and mobile devices when not in use
If you need assistance resetting passwords or encrypting files please contact the Technology Help Desk at [email protected] or 614.542.4159
THANK YOU!