Financial Services Workshop. Margaret Umphrey, ECU Information Security Officer. March 12, 2014. IT Security, East Carolina University.


Enabling your information systems to provide the services required to meet your instructional and research goals, while protecting the critical information entrusted to you.

It is ok to share my login and password with my supervisor in order to access my data when I'm out of the office. It is ok to access my ECU email on my smartphone even though I don't have a password. Should I inform the Helpdesk if I lose my personal smartphone? I love my iPad to access ECU email! Since my ECU email has a password, it's not important to have a pw on my iPad. If other schools use a PCI compliant solution, I don't need to get approval to use the same solution.

Use strong passwords and do not share them with ANYONE. Lock your computer (Ctrl-Alt-Del) when not in use. Lock office doors, drawers, and cabinets where sensitive information is stored. Never leave your laptop unattended in public. Encrypt all portable devices.

Consider the consequences of downloading data from the ECU administrative systems (Banner, Blackboard, Electronic Health Record (EHR), etc.). Do not download ECU sensitive data (e.g. financial, student, patient, legal, HR) to unencrypted local devices (desktop computer, laptop, flash drive, smartphone, web pages, CLOUD, etc.).

Password protect your smartphone. Be cognizant that emails on a lost smartphone can be accessible to anyone who finds it. Report to the helpdesk any lost or stolen smartphone containing ECU data (inclusive of email).

Use Pirate Drive or ITCS supported servers if you must download or store sensitive data. Ensure you are aware of the compliance requirements for protecting your data (e.g. PCI, UNC-FIT, GLBA, FERPA, HIPAA, Legal, etc.).

Encrypt sensitive data (e.g. student, patient, legal, HR) in storage and transmission (via email, file transfer to other agencies, portable devices, etc.). Physically secure both electronic and paper files. Do not store backup copies of sensitive information on unencrypted storage devices (e.g. flash drives, CDs, home PC, etc.).

Limit the services or tasks (e.g. web surfing, downloading free apps, Facetime) performed on computers that are used to enter or process sensitive data. If working from home, store your data on Pirate Drive and access it through the virtual private network (VPN), so that the data is in one secure location and backed up daily. If you have a laptop or ECU issued computer to work from home, use it rather than the family computer.

Ensure all data are appropriately destroyed when no longer needed. Address non-compliance of others in your department. Encourage Awareness Training for all.

Updating Information Security Policies, Standards and Best Practices; Server Administrators Security Best Practices; Best Practices for Other Areas; Educational and Awareness Training Program; Exploring Information Security Subject Matter Experts (SME) IT Staffing Plan to Address IT Purchase Review

Requiring PIN for Smartphone Outlook Access; Flagging Sensitive Data Transmitted External to ECU; Sensitive Data Scanner to find sensitive data; Mobile Device Management for Smartphone; Network Access Control for enhanced security; Log Management for audit logs; Internal Dropbox solution

ITCS IT Security; Pirate Drive; ITCS Assistance and Consultation