Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Slides:



Advertisements
Similar presentations
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Advertisements

Windows XP Tutorial Securing Windows. Introduction This presentation will guide you through basic security principles for Windows XP.
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
For further information computersecurity.wlu.ca
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Chapter 7 HARDENING SERVERS.
Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Payment Card Industry (PCI) Data Security Standard
Sensitive Data Accessibility Financial Management College of Education Michigan State University.
Joel Garmon, Director, Information Security Mike Rollins, Security Architect Jeff Teague, Security Analyst, Senior 1
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Working From Your Home Computer Safely: The Ten Commandments Stephen Jones, GSEC, A+ With special thanks to Balakrishnan Ramachandran.
New Data Regulation Law 201 CMR TJX Video.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
P6 - CONFIGURE THE SOFTWARE. CONFIGURE SOFTWARE Most software can be configured to suit an individual user, for example by changing the appearance of.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Technology Coordinators Training. Confidential Copyright © 2007 Pearson Education, Inc. and/or one or more of its direct or indirect affiliates. All rights.
Laptops, Notebooks, & Tablets, Oh My! Kathleen Hamby M.S. CBPA Governors State University.
Computer Information Use your own login and password if possible. To get a password, you must turn in the AUP sheet handed out at registration or sent.
Networking Security Chapter 8 powered by dj. Chapter Objectives  Explain various security threats  Monitor security in Windows Vista  Explain basic.
Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.
DECS Community IT DIVISION OF ENGINEERING COMPUTING SERVICES Michigan State University College of Engineering.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
IT Security Essentials Lesley A. Bidwell, IT Security Administrator.
Group 2: Marco Hidalgo Wesley Lao Michelle Marquez-Lim
Computer Security Preventing and Detecting Unauthorized Use of Your Computer.
Explain the purpose of an operating system
{ Active Directory Security Why bother?.   Law #1: Nobody believes anything bad can happen to them, until it does   Law #2: Security only works if.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
Client – Server Architecture. Client Server Architecture A network architecture in which each computer or process on the network is either a client or.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
STARTFINISH DisposePrint & ScanShareStore Protect information and equipment ClassifyProtect.
Incident Security & Confidentiality Integrity Availability.
TAX-AIDE Security 2013 Regional Meetings1. TAX-AIDE Security ● This year in the AARP Foundation Tax-Aide program there were: Two(2)confirmed laptops reported.
Final Union Training TY What’s New In TaxWise Gary Blauth Module NJ 2.3.
Chapter 2 Securing Network Server and User Workstations.
Internet Security and Your Computer Welcome to Boot Camp.
Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.
Incident Security & Confidentiality Integrity Availability.
Final Essex Training TY What’s New In TaxWise Gary Blauth Module NJ 2.3.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
NetTech Solutions Protecting the Computer Lesson 10.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Client – Server Architecture A Basic Introduction 1.
Product Training 1 JetFlash Software Application.
Page PearsonAccess™ Technology Training Online Test Configuration.
Page ADP Technology Training. 2 Page2 Confidential Copyright © 2007 Pearson Education, Inc. and/or one or more of its direct or indirect affiliates. All.
1 Page1 WELCOME Call-in toll-free number: Conference Code: Please do not put your phone on hold. Use *6 to mute your line.
6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.
How to Make Yourself More Secure Using Public Computers and Free Public Wi-Fi.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
Computer Security  Computer Security:  Password Strength  Windows Screen Saver  Deleting browser cache  Deleting browser cookies  Securing MS Office.
OWASP CONSUMER TOP TEN SAFE WEB HABITS
12 STEPS TO A GDPR AWARE NETWORK
Connecting Remotely Winter 2014.
Bethesda Cybersecurity Club
Designing IIS Security (IIS – Internet Information Service)
6. Application Software Security
Information Security in Your Office
Bethesda Cybersecurity Club
Presentation transcript:

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

What IR practitioners can do Legal consequences of data loss Resources

Don’t take work home If you must access student or other sensitive data from home, use a secure connection like Remote Desktop in Windows XP Use a VPN connection Wireless access –Create a closed network –Rename network –Encrypt –Update software regularly –Set adminstrator password –Disable file sharing

At Work Store student data files on a secure server, not on your personal computer Turn your computer off at night if you can be backed up during the day Strip identifying student information from data files when you work on them (ssn, address, name)

Securing your computer Run an anti-virus program daily Enable file autoprotect (Symantec Anti-Virus) Use complex passwords (test with password tester) Activate Windows Firewall Run Spybot, Windows Defender and Ad-Aware frequently Secure Delete

Secure your computer (cont) Turn off file sharing on your computer Turn off guest accounts Don’t use the administrator account on your computer for routine work Turn on a password protected screen saver for when you are away from your computer Lock your office Monitor your network traffic and usage Turn off FTP if you are not using it

Secure your computer (cont) Clear out your web browser cache Set Windows to automatic update Be sure that your anti-virus software is updated frequently

When traveling with a laptop Use an encrypted flash (thumb) drive Keep close physical possession of your computer and data Remove sensitive data from the laptop before travel If you need sensitive data, store it on a separate device like a CD and store it separately from the laptop Use full disk encryption

Sharing data Zip and password protect before sending Try not to send files via Cornell has the registrars drop box. Files are encrypted during transport over SSL ( using strong encryption only.

New York Information Security Breach and Notification Act Any NYS resident whose private information was acquired by a person without valid authorization must be notified You must notify the NYS attorney general, NYS consumer protection board, NYS office of cybersecurity Other states, including California, are passing similar laws

What to do if data security is breached Notify security office –Scan –Traffic analysis –Image –System (log) analysis IT security may report to data loss team (audit, police, counsel, communications, risk management, IT, representatives from unit)

Resources Securing your web browser EDUCAUSE Using wireless technology securely cert.gov/reading_room/Wireless-Security.pdf Procedures for dealing with security breach loss-prepare.html