Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Security Awareness

Published byAriel Preston Modified over 5 years ago

Similar presentations

Presentation on theme: "Data Security Awareness"— Presentation transcript:

1 Data Security Awareness
3/5/2015 Data Security Awareness Brenda Meyer, Migrant Data Consultant Mar 5, 2015

2 Objectives Why is collected and where is it stored
Federal and State Student Privacy Laws How is the Student Information Used Student Data Destruction Student Information Safeguards State of Colorado Secure Server 2

3 Migrant Student Data Why Do We Collect Student Information?
State and Federal Law Where is the information stored? Local file cabinets and state and local databases Who has access to student data? Authorized and authenticated migrant educational personnel Access is restricted and actively monitored 3

4 Federal and State Student Privacy Laws
Student privacy procedures is fully adhere to the guidelines set forth in Federal and State law. Family Educational Rights and Privacy Act (FERPA) To access the FERPA click link below Protection of Pupil Rights Amendment (PPRA) To access the PPRA click on link below MSIX Rules of Behavior Colorado New Generation System (NGS) User Agreement NGS User Oath Identity Management - RITS 4

5 How Is Student Information Used?
Individual Student Data Uses: Enrollment Placement Credit accrual Tracking of services Individual student growth Aggregated Student Data Uses: Federal and State reporting and funding Regional Performance Reports Program evaluation and measures Regional Improvement Plans 5

6 Student Data Destruction
When is individual student information archived or deleted? All individual student data is encrypted and stored securely Access is restricted and actively monitored Individual student records are rendered non-individually identifiable this includes data stored on: Computer, Tablet, IPad CD/DVD Thumb drives Secondary storage technology (e.g. zip drives) Destruction of student records older than 10 years (NRG, Chapter XI, State Administration, C3) All sensitive student data housed on MEP funded retired desktop computer and/or laptop must be removed and destroyed prior to destruction The storage of all sensitive student data must be deleted or destroyed. This includes sensitive data placed in the student’s record 6

7 Student Information Safeguards
How is the Information Safeguarded? Approved access control Strong password Protect access accounts, privileges, and associated passwords (E.g. Not sharing password and not logging on for others) Laptop/mobile device password locks Data Sharing Use of SASID must be isolated from student data and student names Strong encryption Secure Transit When disclosing sensitive student information to CDE, the information must be sent via CDE’s Secure File Transfer Protocol (SFTP) When disclosing sensitive student information to districts, the information must be encrypted and all safeguards must be used to restrict access 7

8 Migrant Student Information Access
Users requesting access to State and Federal Migrant Student Information Systems must first complete training and must agree to comply with state and federal requirements. Each user requesting access must first have prior approval from the regional migrant director. The regional migrant director must then submit a request to the SEA requesting access on the individuals behalf. The SEA will grant access to authorized users it deems necessary. Each user must complete the Colorado NGS User Agreement, NGS User Oath Form, MSIX Application and Identity Management prior to being granted access to state and federal information systems. Each user must comply with the requirements. Failure to comply may result in disciplinary action up to and including denial of access and other consequences determined by appropriate entities. Upon termination from the Migrant Education Program, your Regional Director must submit a deactivation notice to the SEA. 8

9 Activity Form two groups of 5
How well are you aware of data privacy and security awareness? Each group has 1 minute to respond with the answer. Prizes will be awarded to the group with the most points. 9

10 CDE Secure File Transfer Server
CDE’s Secure File Transfer Server (SFTP) provides a means to securely transfer sensitive data files. It meets the needs of CDE staff that send and receive sensitive data to and from external clients and collaborators. To access the server you need access to the Internet and a web browser. You must register and activate your account to receive and send files. 10

11 Register and Activate Your Account
You will receive an containing a delivery notification and a link to the User Registration form. Please follow these instructions: Click on the link to the User Registration form in the . Complete the User Registration form by entering the required fields. [Click Register] You will receive an containing an activation link along with your user name and an activation code. Click the [Activation Link] to activate your account; this will take you to the User sign in screen. You will also receive an confirming account activation with a link to the User sign in screen. 11

12 Access to Secure Data The purpose of the CDE Secure File Transfer Server is for secure data transfer, not long-term storage. All data on this server is deleted periodically using a secure removal program. Data is purged 14 days after it is deposited. All data uploaded and downloaded to the secure server is encrypted in transit. Users have access only to the files they have uploaded or files that have been sent as a secure delivery to their account. User accounts on the CDE Secure File Transfer Server are valid as long as they are actively being used, otherwise after 90 days of inactivity the user account will be automatically removed. 12

13 Java Runtime Environment
Note for External Users: To enhance the file transfers, it is highly recommended to have the Java™ Runtime Environment (JRE) be installed and integrated with your browser on your system. You may be asked the following. Click [Yes] 13

14 Create a User ID and Password
14

15 User Registration 15

16 Log In 16

17 Sign Out 17

18 Downloading a File When you receive an notification of a secure delivery, click the link in the or go directly to the server and sign in to CDE’s Secure File Transfer Server. Sign in to CDE’s Secure File Transfer Server ( on the user sign in screen. Type your Username and Password. Click [Sign in] From the Home page, click [View Your Deliveries] Received. On the Your Deliveries: Received screen, click the [Subject link]. On the Your Delivery screen, click the [File Name Link] to download the file to your hard drive. The sender will receive notification that you have viewed the delivery. 18

19 Uploading a File Sign in to CDE’s Secure File Transfer Server ( on the user sign in screen. Type your Username and Password. Click [Sign in] From the Home page, click [Create an Express Delivery]. On the Express Delivery screen: Enter recipient’s address. Separate multiple addresses with commas or semicolons. Enter Subject. Type a brief secure message. This message will only be visible when the recipient signs in to view the delivery. Use the Browse button to search your system files and select a file. [Click Open]. You may upload multiple files. Click [Send]. This will securely upload the file to the server and send the recipient an delivery notification with a link to the file. 19

20 Submitting files VIA the CDE Secure File Transfer Site
20

21 Step 2 and 3 Follow link and Click Received
21

22 Step 4 Click Message Subject
22

23 Step 5 Click Reply Securely
23

24 Step 6 Click Add File 24

25 Step 7 Upload File(s) 25

26 Step 8 Add a Message Send Reply
26

27 Step 9 Confirmation To Add Message
27

28 Step 10 File Successfully Sent
28

29 External vs. Internal Users
External users can only receive packages. Internal users can receive, create and send packages. The SEA will determine who will require External or Internal access to the SFTP site. 29

30 Home Screen Click on [Home] to navigate back to the home screen options. Click on the [Help link] to access Q&A and Delivery server help. 30

31 Technical Support For all technical support issues, please contact the CDE Helpdesk at or by Contact me by 31

32 Thank you for Participating Enjoy the rest of the Conference!
32

Download ppt "Data Security Awareness"

Similar presentations

Module: 201 Create and Manage Your Agent Account.

Module: 201 Create and Manage Your Agent Account.
An introduction to the State’s E-mail Encryption Service State of Minnesota Office of Enterprise Technology and Department of Human Services.

An introduction to the State’s Encryption Service State of Minnesota Office of Enterprise Technology and Department of Human Services.
1 of 61 EHBs v2.0 Overview Health Resources and Services Administration (HRSA) Presented To: Grantees EHBs version 2.0 – Overview for Grantees.

1 of 61 EHBs v2.0 Overview Health Resources and Services Administration (HRSA) Presented To: Grantees EHBs version 2.0 – Overview for Grantees.
Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.

Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.
Secure File Interchange 2 Whitenoise Laboratories Inc. Quick User Guide.

Secure File Interchange 2 Whitenoise Laboratories Inc. Quick User Guide.
PROACTIS: Supplier User Guide Contract Management.

PROACTIS: Supplier User Guide Contract Management.
Oracle Method | Group Delivery Together. Free your energies New Supplier Registration.

Oracle Method | Group Delivery Together. Free your energies New Supplier Registration.
Role of Account Management at ERCOT Market Participant Identity Management Overview (MPIM)

Role of Account Management at ERCOT Market Participant Identity Management Overview (MPIM)
School and LEA Users https://schools.nc.gov/pbis.

School and LEA Users
Tri-Counties Regional Center (TCRC) DS1891 Compliance Website Information and Instructions Biennial Requirement to Update Form DS1891 – Applicant/Vendor.

Tri-Counties Regional Center (TCRC) DS1891 Compliance Website Information and Instructions Biennial Requirement to Update Form DS1891 – Applicant/Vendor.
KET ENCYCLOMEDIA STUDENT ACCOUNT CHANGES

KET ENCYCLOMEDIA STUDENT ACCOUNT CHANGES
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Plan My Move & MilitaryINSTALLATIONS May, 2008 Relocation Personnel Roles and Responsibilities MC&FP.

Plan My Move & MilitaryINSTALLATIONS May, 2008 Relocation Personnel Roles and Responsibilities MC&FP.
CSOD LMS External Users Portal August 19 2013 Company Confidential.

CSOD LMS External Users Portal August Company Confidential.
FitnessGram® 2015 Student Information System (SIS) Extract Import Training for Georgia 2015-2016 School Year.

FitnessGram® 2015 Student Information System (SIS) Extract Import Training for Georgia School Year.
Getting Started. Package Overview (GradeQuick)‏ Web-based grade book –Access Anywhere –Always Current Paper grade book “look and feel” Flexible grading.

Getting Started. Package Overview (GradeQuick)‏ Web-based grade book –Access Anywhere –Always Current Paper grade book “look and feel” Flexible grading.
Complete Ordering System for Promotional Literature and Samples Quick Reference and Training Guide.

Complete Ordering System for Promotional Literature and Samples Quick Reference and Training Guide.
How to CORRECTLY Complete a TEASE Access Request Form.

How to CORRECTLY Complete a TEASE Access Request Form.
What is Program Evaluation? Allegheny Intermediate Unit Evaluation, Grants, and Data.

What is Program Evaluation? Allegheny Intermediate Unit Evaluation, Grants, and Data.
Indiana Utility Regulatory Commission Electronic Filing System “EFS” Tutorial.

Indiana Utility Regulatory Commission Electronic Filing System “EFS” Tutorial.

Similar presentations

Ads by Google