Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,

Slides:



Advertisements
Similar presentations
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Advertisements

Evolution of Data Use and Stewardship Recent University-wide Data Stewardship Enhancements Integrated System Data Stewardship Shirley C. Payne, CISSP,
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Overview of IS Controls, Auditing, and Security Fall 2005.
Is There a Security Problem in Computing? Network Security / G. Steffen1.
Effective Design of Trusted Information Systems Luděk Novák,
Security Policies for Institutions of Higher Education Ardoth A. Hassler, Associate VP for University Information Services, Georgetown University Tracy.
Security Controls – What Works
All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.
Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
The Pieces and the Puzzle of IT Policy University Computer Policy and Law Program April 7, 2004.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Peer Information Security Policies: A Sampling Summer 2015.
Information Asset Classification
Privacy and Security Risks in Higher Education
Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
1 Introduction to Information Security. 2 Historical aspects of InfoSec Critical characteristics of information CNSS security model Systems development.
Security Architecture
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.
Test Security and Alternate Assessments Melissa Gholson West Virginia Department of Education.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
Name Position Organisation Date. What is data integration? Dataset A Dataset B Integrated dataset Education data + EMPLOYMENT data = understanding education.
Privacy, Security, Intellectual Property and Responsible Use Policy Issue Spotting! Ucosmic Tracy Mitrano.
Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.
Geneva, Switzerland, September 2014 Considerations for implementing secure enterprise mobility Eileen Bridges Aetna GIS Director.
Information Asset Classification Community of Practicerev. 10/24/2007 Information Asset Classification What it means to employees.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.
Converting Policy to Reality Designing an IT Security Program for Your Campus 2 nd Annual Conference on Technology and Standards May 3, 2005 Jacqueline.
Data Management & the Library. FACT #1 Research is increasingly digital and produces digital data.
Scott Charney Cybercrime and Risk Management PwC.
McGraw-Hill/Irwin © 2013 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 11 Computer Crime and Information Technology Security.
Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.
DATA IT Senate Data Governance Membership IT Senate Data Governance Committee Membership Annie Burgad, Senior Programmer, Central IT Julie Cannon, Director.
Energize Your Workflow! ©2006 Merge eMed. All Rights Reserved User Group Meeting “Energize Your Workflow” May 7-9, Security.
IT Security Policies and Campus Networks The dilemma of translating good security policies to practical campus networking Sara McAneney IT Security Officer.
Ingredients of Security
Staying ahead of the storm: know your role in information security before a crisis hits Jason Testart, IST Karen Jack, Secretariat.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
HIPAA Security Final Rule Overview
Business Processes and Risks
IT Summit November 4th, 2009 Presented by: IT Internal Audit Team Leroy Amos Sue Ann Lipinski Suzanne Lopez Janice Shelton.
Strategic Agenda We want to be connected to the internet……… We may even want to host our own web site……… We must have a secure network! What are the.
Chapter 7 – Confidentiality Using Symmetric Encryption.
ENTICE Enterprise Needs for Tools and Infrastructure for Content Exploitation David Foster IT May 2010.
SECURITY REQUIREMENTS AND MANAGEMENT: Presentation By: Guillermo Dijk.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
Information Security tools for records managers Frank Rankin.
Federal Information Security Management Act (F.I.S.M.A.) [ Justin Killian ]
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.
By: Mark Reed.  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
IT Audit for non-IT auditors Cornell Dover Assistant Auditor General 31 March 2013.
EECS David C. Chan1 Computer Security Management Session 1 How IT Affects Risks and Assurance.
Wednesday, November 7, 2012.
Risk management.
Data and database administration
Records Management New policies and procedures
BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT
IT Development Initiative: Status and Next Steps
IS4680 Security Auditing for Compliance
سياسة الإفصاح والشفافية ببنك التنمية الصناعية
IT Development Initiative: Status & Next Steps
HIPAA Privacy and Security Update - 5 Years After Implementation
Session 1 – Introduction to Information Security
Presentation transcript:

Management of Data as Responsible Use ICPL 2005

Information Privacy and Security As usual in higher education, different institution will have, and take, different approaches to the protection, preservation, and proper use of their IT resources and assets: –Hardware –Software –Data

Privacy and Security Security and Privacy Security –Administrative Program –Logical Availability Integrity Confidentiality –Physical Locks and Keys Privacy –Transparency Data collected/stored Relevancy –Disclosure Notice –Control Correct Mistakes Opt-In or Out –Security Administrative Logical Physical

Data… Is at the core of the intersection between security and privacy, not least in the experience of information technologies.

Comprehensive Information Security Policies UC-Berkeley Framework – UCOP – Princeton – SecPolicy pdfhttp:// SecPolicy pdf Chicago – computers/policy.shtml

Data Classification and Stewardship Classification – sification/classification_of_data.htmlhttp:// sification/classification_of_data.html Stewardship – ppendixa.htmlhttp:// ppendixa.html – og/institutional/data_digest/datadigest.htmlhttp:// og/institutional/data_digest/datadigest.html

Cornell IT Policy Framework work-chart.html

Security of Information Technology Resources Every user responsible for security of devices connected to the network Five Categories of Users/Obligations IT Director: coordinate security program Unit Heads: oversee (for their unit) Security Liaisons: effectuate (unit risk assessment) Local Support Provider: implement (desktop) User: know who you are and don’t share password!

Responsible Use of IT Resources Every user must manage the data on their IT devices Five Categories of Users/Obligations IT Data Director: coordinate Stewards: oversee (policy) Data Liaisons: effectuate (inventory/flows) Custodians: implement (secure that web page!) Users: know who you are (and don’t infringe copyright!)

Conclusion Protection, preservation and appropriate use of institutional IT assets and interests requires comprehensive information data and security programs. That an institution have such programs is a given; how they are constructed goes to the history, culture and tradition of the institution.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.