160 likes | 263 Views
Part 2 of Evil Lurking in Websites. Data Security at the University of Wisconsin Oshkosh. How Do We Protect the Data?. What Data are We Protecting? How We Classify University Data Who Is Responsible for Protecting the Data? Our Top 10 Recommendations for Data Protection.
E N D
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh
How Do We Protect the Data? • What Data are We Protecting? How We Classify University Data • Who Is Responsible for Protecting the Data? • Our Top 10 Recommendations for Data Protection
Data Security: It Takes the Whole University Community Security Officer and IT staff in Academic Computing, Administrative Computing and NetworkingTechnical Solutions such as firewalls, virus protection, Websense, Identity FinderData Classifications with alternatives for storage and usage IT cannot do data security alone! Securing the Human!
User Awareness is Essential • Security Advisory Group – Website, etc. • Demonstrations - What You Just Saw • Top 10 Tips/Guidelines for UW Oshkosh Community
Top 10 Ways to Protect Confidential Data: # 1 1. Store confidential data only on departmental shared drives. • Do not store it on your desktop • Do not store it on personal devices • Do not store it on Google drive • Do not store it in Titan Files • Do not store it on public web sites • Do not email it • Do not store it in a dropbox
Top 10 Ways to Protect Confidential Data: # 2 2. If your computer accesses confidential data, do not shop or access news or social media for personal purposes. • Issues with shopping • Issues with news sites and social media • If there are business purposes for these activities, ideal solution is isolated, restricted workstations.
Top 10 Ways to Protect Confidential Data: # 3 3: Avoid phishing attempts. • What is phishing? • Think before you click on links in email messages. • Beware of links that look legitimate but are not (e.g. ebay.something.com). • Do not respond to emailed (or phoned or in-person) requests for your login information or passwords.
Top 10 Ways to Protect Confidential Data: # 4 4: Practice good password hygiene. • Do not share passwords with anyone. • Use strong passwords (not things that anyone could know about you like your birthday or your pet's name and mix case, letters, numbers and symbols). • Try not write passwords down; if you must, store in locked location. • Password protect your mobile devices.
Top 10 Ways to Protect Confidential Data: # 5 5. Lock your computer when you are not at your desk. • For Microsoft Windows, click Control_Alt_Delete and select "Lock this Computer.") Or click the Windows Symbol and L. • For Mac OS X, set your screen saver to require a password via the System Preferences "Security and Privacy panel; then in the "Desktop & Screen Saver" panel, under "Screen Saver," use the "Hot Corners" button to turn on your screen saver by moving your mouse to one of your desktop corners.
Top 10 Ways to Protect Confidential Data: # 6 6. Do not install non-work related software on your university computer. • Do not install games on your computer. • Do not share your computer with anyone.
Top 10 Ways to Protect Confidential Data: # 7 7. Do not access or store confidential or sensitive data in databases that are not secured or encrypted. • Are these databases really needed? Can a larger system give you needed info more securely? • If needed, how and where can these databases be stored? • If in doubt, contact the Help Desk.
Top 10 Ways to Protect Confidential Data: # 8 8. Make sure that the virus protection on your computer is current and pay attention to results of scan. • Scan does not solve problem, it simply identifies the problem • If you notice any problems after scan (even if quarantined) , always contact the Help Desk!
Top 10 Ways to Protect Confidential Data: # 9 9. Manage your accounts responsibly. • Everyone should only have the access needed for his/her job. • If you are a supervisor, make sure staff accounts are appropriate and that accounts are locked when staff retire, resign or transfer.
Top 10 Ways to Protect Confidential Data: # 10 10. If you must access confidential University data from off- campus, contact the Help Desk for options. • Only with University owned computers • Obtain Supervisor’s approval and contact the Help Desk for options such as VPN if using shared directories • Never let anyone else off-campus use the University owned computer • Follow Tips 1-9 with this computer (only as safe as computer is clean)
Conclusion • Questions? • Thank you! • Contact Information • Richard Montano montano@uwosh.edu • Julie Wilkinson wilkinsj@uwosh.edu