1 / 11

Virginia Tech’s Effective Practices for Managing Sensitive Data

Virginia Tech’s Effective Practices for Managing Sensitive Data. Common Solutions Group January 11, 2008. VT EP for Managing Sensitive Data. Our needs… Stay out of the Press. Stay out of the courts. Preserve the integrity of the data. Respect the privacy of our students and employees.

kaiyo
Download Presentation

Virginia Tech’s Effective Practices for Managing Sensitive Data

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008

  2. VT EP for Managing Sensitive Data Our needs… • Stay out of the Press. • Stay out of the courts. • Preserve the integrity of the data. • Respect the privacy of our students and employees.

  3. VT EP for Managing Sensitive Data #1: Do what you can when you can do it. Pre-2003

  4. VT EP for Managing Sensitive Data #2. Create a framework for doing it.

  5. VT EP for Managing Sensitive Data • #3. Garner support from the Big Sticks. • Board of Visitors • University Legal Counsel • Internal Audit • Campus Police

  6. VT EP for Managing Sensitive Data #4. Don’t think you’re done. 2008

  7. VT EP for Managing Sensitive Data Security Standards for Social Security Numbers • IT Standards • SSN on display screens, reports • Security protocol to access SSN on VT DB • Electronic Storage of SSN (encrypt it) • Electronic transmission of SSN (encrypt it) • Obtain permission to include SSN in ANY electronic system • Records management handles paper documents

  8. VT EP for Managing Sensitive Data Benefits • Lack of a complete solution has not prevented us from implementing partial solutions. • Everyone has a role. • Members of the IT organization and the university have increased their involvement, interest and awareness in security through policy development, tool development and by participating in VT IT Security Task Force.

  9. VT EP for Managing Sensitive Data Challenges • Pulling all the pieces together to create a comprehensive plan for securing personally identifying information (PII).

  10. VT EP for Managing Sensitive Data Future Plans • Meet the challenge!

  11. VT EP for Managing Sensitive Data References • Virginia Tech IT-Related University Policies http://www.policies.vt.edu/index.php#it • Security Standards for Social Security Numbers http://computing.vt.edu/administrative_systems/banner/security%20standards_5July05.pdf • Virginia Tech Certification Authority http://www.pki.vt.edu • Virginia Tech Information Technology Security Office http://security.vt.edu • Virginia Tech IT Security Task Force https://content.cc.vt.edu/confluence/display/ITS/Home • Administrative Data Management and Access Policy http://www.policies.vt.edu/7100.pdf

More Related