ITAG Lunchtime Seminar Filemaker Best Practices and Service Offerings. Scott Thorne, IS&T ISDA “Sensitive Data and Local Databases” MacKenzie Smith, Libraries “MIT Libraries Policy on the Use of Filemaker for Applications” Jeff Reed, Cecilia Marra, IS&T DCAD “Filemaker Service Offerings”.
ITAG Lunchtime Seminar
Filemaker Best Practices and Service Offerings
Scott Thorne, IS&T ISDA “Sensitive Data and Local Databases”
MacKenzie Smith, Libraries “MIT Libraries Policy on the Use of Filemaker for Applications”
Jeff Reed, Cecilia Marra, IS&T DCAD “Filemaker Service Offerings”
ITAG Lunchtime Seminar Series, February 7, 2007
http://web.mit.edu/itag
Sensitive Data and Local Databases Feb 7th 2007 Scott Thorne
Background
• There is growing need to build small systems to meet departmental business needs
• There is a growing problem of data spills
  • TJX etc
• Creates potential risk for the Institute

Response
• Promote Awareness
• Provide Recommendations
  • Technical
  • Business
• Provide Resources

Use local database technology such as Filemaker for --
• Local Applications only
• That meet the following criteria:
  • Relatively small & simple
    • 50 users
    • 20 tables or files
    • 100 fields
  • No Sensitive Data
• Use the recommended version and configuration
• Manage data not needed by other systems
  • Warehouse

Sensitive Data
• More work required to classify data and gain consensus on procedures
• Extremely Sensitive
  • Disclosure causes harm
    • Financial or otherwise
    • Organizations or Individuals
    • Example: SSN
  • Collected with the promise of confidential treatment
    • Example: Faculty Survey Information
• Sensitive
  • Choose to keep confidential, but does not cause harm
    • Example: Salaries
• http://istwiki.mit.edu/istwiki/ItagSensitiveData or more recently https://confab.mit.edu/confluence/display/ITAG/ItagSensitiveData
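
Added example (not part of the seminar slides): one way to check a local database against the "No Sensitive Data" criterion is to export it to CSV and scan for the two tiers the slide names, using its own examples (SSN, salaries). The CSV export, the column-name hints, the SSN pattern and the sample rows are assumptions constructed for this illustration.

```python
import csv
import io
import re

# Assumption: SSNs are stored as 9 digits, optionally split by "-" or " ".
# Any other 9-digit identifier will also match and needs manual review.
SSN_RE = re.compile(r"(?<!\d)(\d{3})[- ]?(\d{2})[- ]?(\d{4})(?!\d)")
# Assumption: column-name hints for the two tiers named on the slide.
NAME_HINTS = {
    "extremely sensitive": re.compile(r"ssn|social.?sec", re.I),
    "sensitive": re.compile(r"salar", re.I),
}

def plausible_ssn(area, group, serial):
    """Reject ranges that are never issued as SSNs, to cut false positives."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")

def classify_export(csv_text, min_hits=1):
    """Return {column: (tier, reason)} for columns that look sensitive."""
    findings, hits = {}, {}
    reader = csv.DictReader(io.StringIO(csv_text))
    for col in reader.fieldnames or []:
        for tier, pattern in NAME_HINTS.items():
            if pattern.search(col):
                findings[col] = (tier, "column name")
                break
    for row in reader:
        for col, value in row.items():
            if not isinstance(value, str):
                continue  # ragged row: extra or missing cells
            for m in SSN_RE.finditer(value):
                if plausible_ssn(*m.groups()):
                    hits[col] = hits.get(col, 0) + 1
    # Content evidence outranks a name hint: an SSN in any column is tier 1.
    for col, n in hits.items():
        if n >= min_hits:
            findings[col] = ("extremely sensitive", f"{n} SSN-like value(s)")
    return findings

# Constructed sample export; the values are illustrative, not real records.
SAMPLE = """name,notes,annual_salary,phone
A. Student,ID 078-05-1120 on file,52000,617-253-1000
B. Staff,none,61000,617-253-0000
C. Faculty,ref 000-12-3456,70000,6172531234
"""

if __name__ == "__main__":
    for column, (tier, reason) in classify_export(SAMPLE).items():
        print(f"{column}: {tier} ({reason})")
```

A free-text column such as `notes` is where SSNs typically end up unnoticed, which is why the scan looks at values and not only at column names.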
Implementation
• Use FileMaker Server instead of peer-to-peer
• Use Strong Passwords
• Require a password for FileMaker Server
• Turn on SSL
• Hide Files from network scanning (port 5003)
• Implement a backup and recovery procedure
• Physically secure the server and backup media

Data Common Sense
• Don't store data unless you know why
• Don't collect data that is already collected at MIT
• Don't collect data until it's needed
• Don't store data unless there is a plan to maintain it
• Decide data retention policies before collecting data
• Review data models before building a system
• Document the data definition and sensitivity before collection
• Only update data in its System of Record

More Resources
• http://web.mit.edu/itag/policies/sensitive-data.pdf
• http://web.mit.edu/itag/guidelines/data.html
• http://web.mit.edu/ist/help/filemaker/fmug/Top10.pdf