Download presentation
Presentation is loading. Please wait.
Published byArnold Cole Modified over 9 years ago
1
Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making tool1
2
Choose the menu option which best describes how you are working with LSE Information. You may use this several times for different aspects of your work Information Security decision making tool2 HR or other confidential records HR or other confidential records Financial records Other types of work with LSE information Other types of work with LSE information Research Exam information
3
Do you keep HR records on other people or yourself? Including our own career development review or documents No Yes Information Security decision making tool3
4
Continue Information Security decision making tool4 This information is confidential Continue to find out more… This information is confidential Continue to find out more…
5
Do you keep sensitive information on individuals? Excluding contact details for colleagues that is freely given No Yes Information Security decision making tool5
6
Do you keep sensitive information on exams? Including papers, results, discussions about questions or candidates No Yes Information Security decision making tool6
7
Do you keep financial records? Excluding published company accounts that are in the public domain No Yes Information Security decision making tool7
8
Is the information held on paper? No Yes Information Security decision making tool8
9
Continue Information Security decision making tool9 Keep it in a lockable cabinet Continue to find out more… Keep it in a lockable cabinet Continue to find out more…
10
Do you protect electronic information with MS Office passwords? No Yes Information Security decision making tool10
11
Continue Information Security decision making tool11 Your information is not secure enough with this alone. Continue to find out more… Your information is not secure enough with this alone. Continue to find out more…
12
Do you keep it on H space or a shared drive with appropriate folder permissions? No Yes Information Security decision making tool12 Don’t Know Don’t Know
13
Information Security decision making tool13 Continue Good Click here for more information Continue to finish this session or Home to go back to the beginning Good Click here for more information Continue to finish this session or Home to go back to the beginning
14
Do you protect it with file encryption? No Yes Information Security decision making tool14
15
Continue Information Security decision making tool15 Good Click here for more information Continue to finish this session or Home to go back to the beginning Good Click here for more information Continue to finish this session or Home to go back to the beginning
16
Where do you keep the electronic data and reports you work on? No Yes Information Security decision making tool16 On H space or a shared drive or SharePoint only?
17
Where do you keep the electronic data and reports you work on? Information Security decision making tool17 On Local drive, Laptop, tablet, smart phone or other device? Yes No
18
Continue Information Security decision making tool18 Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more… Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more…
19
Information Security decision making tool19 Your information is at risk. If you can share it with your team put it on a shared drive to keep it secure and check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information If your info cannot be shared email IMT for advice nowemail IMT Continue to finish this session or Home to go back to the beginning Your information is at risk. If you can share it with your team put it on a shared drive to keep it secure and check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information If your info cannot be shared email IMT for advice nowemail IMT Continue to finish this session or Home to go back to the beginning Continue
20
Do you use a database or spreadsheet to record information? No Yes Information Security decision making tool20
21
Do you ever work away from your desk? No Yes Information Security decision making tool21
22
Where do you keep the files you access remotely? No Yes Information Security decision making tool22 On H space or shared drive or SharePoint only?
23
Continue Information Security decision making tool23 Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more… Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more…
24
Where do you keep the files you access remotely? Information Security decision making tool24 Dropbox, Google Docs, One Drive or other cloud based storage? Yes No
25
Where do you keep the files you access remotely? Information Security decision making tool25 Memory stick, CD, DVD, Floppy disk or other storage media? Yes No
26
Continue Information Security decision making tool26 Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMTemail IMT for advice now. Continue to find out more… Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMTemail IMT for advice now. Continue to find out more…
27
Continue Information Security decision making tool27 Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMTemail IMT for advice now. Continue to finish this session or Home to go back to the beginning Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMTemail IMT for advice now. Continue to finish this session or Home to go back to the beginning
28
Is your data sensitive or confidential? No Yes Information Security decision making tool28
29
Have you signed a funding contract? No Yes Information Security decision making tool29
30
Is the LSE the project lead? No Yes Information Security decision making tool30
31
Continue Information Security decision making tool31 Follow the project lead’s guidelines on securing information. Click Finish If you need advice to comply with guidelines, email IMT or the Data Librarian. Click Finishemail IMTData Librarian If no guidelines are available Continue to find out more… Follow the project lead’s guidelines on securing information. Click Finish If you need advice to comply with guidelines, email IMT or the Data Librarian. Click Finishemail IMTData Librarian If no guidelines are available Continue to find out more… Finish
32
Does your research contract specify information security requirements? No Yes Information Security decision making tool32
33
Can you meet the security requirements? No Yes Information Security decision making tool33 Don’t Know Don’t Know
34
Continue Information Security decision making tool34 Comply with the contract. Continue to find out more… Comply with the contract. Continue to find out more…
35
Information Security decision making tool35 Continue Email IMT Email IMT or the Data Librarian for advice. Data Librarian Continue to finish this session or Home to go back to the beginning Email IMT Email IMT or the Data Librarian for advice. Data Librarian Continue to finish this session or Home to go back to the beginning
36
Do/will you keep sensitive personal data? Examples: racial/ethnic origin, political opinion, religious beliefs, trade union membership, physical/mental health condition, sexual life, criminal records No Yes Information Security decision making tool36
37
Do/will you keep personal financial data/reports on financially sensitive subjects Examples: bank and salary details No Yes Information Security decision making tool37
38
Do you keep sensitive information on individuals? Examples: interview transcripts, databases of individual information No Yes Information Security decision making tool38
39
Do you need to share data with academic partners? No Yes Information Security decision making tool39
40
Do you use SharePoint? No Yes Information Security decision making tool40
41
Have you or the site owner received SharePoint training? No Yes Information Security decision making tool41
42
Information Security decision making tool42 Continue Check that the permissions on your site are accurate and that all data is appropriate For more information click here Continue to find out more… Check that the permissions on your site are accurate and that all data is appropriate For more information click here Continue to find out more…
43
Information Security decision making tool43 Continue Contact IMT now for appropriate training options Continue to find out more… Contact IMT now for appropriate training options Continue to find out more…
44
Information Security decision making tool44 Continue Email IMT Email IMT for advice now. Continue to find out more… Email IMT Email IMT for advice now. Continue to find out more…
45
Are you in the end-of-project phase? No Yes Information Security decision making tool45
46
Information Security decision making tool46 Continue Email the Data Librarian for advice. Continue to find out more… Email the Data Librarian for advice. Continue to find out more…
47
Is the information held on paper? No Yes Information Security decision making tool47
48
Information Security decision making tool48 Continue Keep it in a lockable cabinet. Continue to find out more… Keep it in a lockable cabinet. Continue to find out more…
49
Information Security decision making tool49 Thank you for completing the Information Security decision- making tool. Email IMT Email IMT if you have any further queries or concerns or if there is anything else you think we should include in this tool. Thank you for completing the Information Security decision- making tool. Email IMT Email IMT if you have any further queries or concerns or if there is anything else you think we should include in this tool. Finish
50
Information Security decision making tool50 Continue Access control systems are in place to protect the interests of all authorised users of LSE IT systems by providing a safe, secure and accessible environment in which to work. Access rights will be accorded following the principles of least privilege and need to know. Access to LSE IT resources and services will be given through the provision of a unique user account and complex password. For further reading, click this link. http://www.lse.ac.uk/intranet/LSEServices/policies/pdfs/school/acc ConPol.pdf Access control systems are in place to protect the interests of all authorised users of LSE IT systems by providing a safe, secure and accessible environment in which to work. Access rights will be accorded following the principles of least privilege and need to know. Access to LSE IT resources and services will be given through the provision of a unique user account and complex password. For further reading, click this link. http://www.lse.ac.uk/intranet/LSEServices/policies/pdfs/school/acc ConPol.pdf
51
Information Security decision making tool51 Continue Encryption is a way of encoding information so that it cannot be read without the appropriate key to decode it. It is a way of rendering files, volumes or hard disks extremely secure. Encryption should be used to secure data that are in transit or else are accessed and held outside LSE systems, for instance on a home workstation, or on devices that are easy to steal or lose (such as laptops, tablets etc). http://www.lse.ac.uk/intranet/LSEServices/IMT/about/policies/doc uments/Guidelines-Encryption-Guidelines-v1-1.pdf Encryption is a way of encoding information so that it cannot be read without the appropriate key to decode it. It is a way of rendering files, volumes or hard disks extremely secure. Encryption should be used to secure data that are in transit or else are accessed and held outside LSE systems, for instance on a home workstation, or on devices that are easy to steal or lose (such as laptops, tablets etc). http://www.lse.ac.uk/intranet/LSEServices/IMT/about/policies/doc uments/Guidelines-Encryption-Guidelines-v1-1.pdf
52
Information Security decision making tool52 Continue Cloud storage is effectively disk space made available by third parties over the internet but are not supported at the LSE. There are many providers of this type of storage but we are going to focus here on Dropbox as an example. We would advise against putting anything into Dropbox that would contain very sensitive information, such as School financial data or datasets that contained the name, address, ethnicity and passport numbers of individuals. This includes information the School classifies as ‘Secret’. Data classed as ‘Secret’ or ‘Confidential’ should be carefully assessed by the owner for the risk of reputational and financial damage if it leaked before putting it in Dropbox. For further reading please click this link. http://www.lse.ac.uk/intranet/LSEServices/IMT/guides/softwareGuides/other/usin gDropboxCloudStorageServices.aspx Cloud storage is effectively disk space made available by third parties over the internet but are not supported at the LSE. There are many providers of this type of storage but we are going to focus here on Dropbox as an example. We would advise against putting anything into Dropbox that would contain very sensitive information, such as School financial data or datasets that contained the name, address, ethnicity and passport numbers of individuals. This includes information the School classifies as ‘Secret’. Data classed as ‘Secret’ or ‘Confidential’ should be carefully assessed by the owner for the risk of reputational and financial damage if it leaked before putting it in Dropbox. For further reading please click this link. http://www.lse.ac.uk/intranet/LSEServices/IMT/guides/softwareGuides/other/usin gDropboxCloudStorageServices.aspx
53
Information Security decision making tool53 Continue USB or similar storage devices are easily lost or stolen, putting any data they contain at great risk of being accidentally or deliberately exposed. The loss of confidential or sensitive personal data on a USB storage device could result in LSE: being fined by the Information Commissioner's Office suffering reputational damage causing distress to those whose data has been lost losing valuable research contracts For further reading please click the link below http://www.lse.ac.uk/intranet/LSEServices/IMT/about/policies/usingUsbStorageDe vices.aspx USB or similar storage devices are easily lost or stolen, putting any data they contain at great risk of being accidentally or deliberately exposed. The loss of confidential or sensitive personal data on a USB storage device could result in LSE: being fined by the Information Commissioner's Office suffering reputational damage causing distress to those whose data has been lost losing valuable research contracts For further reading please click the link below http://www.lse.ac.uk/intranet/LSEServices/IMT/about/policies/usingUsbStorageDe vices.aspx
54
Information Security decision making tool54 Continue Email IMT Email IMT for advice now Continue to finish or press Home to go back to the beginning. Email IMT Email IMT for advice now Continue to finish or press Home to go back to the beginning.
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.