Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security in Your Office

Published byJuan Manuel Ruiz Modified over 5 years ago

Similar presentations

Presentation on theme: "Information Security in Your Office"— Presentation transcript:

1 Information Security in Your Office
Bob Bulow Ohio University ohio.edu/registrar

2 Overview Introduction Being More Secure Partnering with IT
What You Can Do Wrap Up

3

4 Self Assessment On a scale of 1 to 10, how good are you at being secure? Why did you rate yourself this way? What are some things you do (or don’t do) that influence your decision?

5 Ranking Security Practices
Ranking Activity

6 https://security. googleblog

7 Being More Secure Key * Things to do personally and professionally
# Things to do without technology (i.e., behavioral things)

8 Partnering with IT Data Storage *Software patches applied
File encryption Disk encryption Share files securely Automated backups *Software patches applied Password policies *Dual- or two-factor authentication Data security policies

9 Partnering with IT #Create a climate where staff think about data security #Training and awareness Lockout limit based on failed attempts *Wipe computers before recycling *VPNs *Desktop security management (i.e., admin access)

10 What You Can Do *#Create awareness
#Policy for data retention and data disposal *Do not click on suspect links and attachments How to inspect a link Dangerous types of attachments *Do not send sensitive data via (and delete it if someone sends it to you) *Lock your computer when you walk away *#Lock physical files

11 What You Can Do *#Have strong passwords & change if needed
If you use the same password for multiple things If your account might have been hacked What is a strong password? *Use a password manager, e.g. LastPass, 1Password Limit who has access to data in system #Third party contracts have responsibility for data handling

12 What You Can Do #Collect data only if needed
*#Provide data only if necessary *#Eliminate use of SSN Limit who can access SSN, Date of Birth Do not use (or limit) who can have student data on portable drives #Employee acknowledge responsibilities

13 What You Can Do *Back up files routinely (if it is not automated by IT) *Limit who has access to the files *Password-protect files *Personal device security (laptops, phones, tablets) *Wireless network security

14 What You Can Do *Virus/malware protection software and run regular scans *Avoid downloads *Use secure connections to Internet (https) #Keep office doors locked

15 What You Can Do #Privacy screen protectors
Routinely review who has access to data #Clean desk club #Internal audit conduct a review

16 Wrap Up and Questions “…no one can hack my mind”
Use tools where it makes sense Personal and professional are more intertwined than ever before Personal life (in regard to accounts, security, etc.) can impact professional life and vice versa Doing something is better than doing nothing Try at least one new thing from the suggestions

17 Resources EDUCAUSE – Higher Education Information Security Guide EAB – Information Security Google Security Blog Post Have I Been Pwned?

18 Bob Bulow bulow@ohio.edu 740.593.2469
Associate Registrar for Technology and Communication

Download ppt "Information Security in Your Office"

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.
Information Security Awareness:

Information Security Awareness:
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Locking the Backdoor: Computer Security and Medical Office Practice Dr. Maury Pinsk, FRCPC University of Alberta Division of Pediatric Nephrology.

Locking the Backdoor: Computer Security and Medical Office Practice Dr. Maury Pinsk, FRCPC University of Alberta Division of Pediatric Nephrology.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.

Security The Kingsway School. Accidental Data Loss Data can be lost or damaged by: Hardware failure such as a failed disk drive Operator error e.g. accidental.

Similar presentations

Ads by Google