Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007.

Published byJonah Murphy Modified over 9 years ago

Similar presentations

Presentation on theme: "Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007."— Presentation transcript:

1 Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the authors. To disseminate otherwise or to republish requires written permission from the authors.

2 Office of Information Technology The Problem IT Staff implemented an enterprise Directory that contained employee and student data. Data Stewards did not understand the Directory concept and were wary about how it was used: –What data attributes were in the Directory? –Who had access to the data? –How were data used? –How were FERPA and privacy rules applied? –How were access permissions obtained?

3 Office of Information Technology The UM Directory Contains information about people at UM – students, faculty, staff and affiliates. User authentication or verification of an ID and password pair. User access to applications, e.g. e-mail, calendaring, timesheets. Discovery of characteristics about an individual for authorization decisions. White pages or phonebook lookup. Application access to Directory data via an AuthDN

4 Office of Information Technology Data Stewards Data Owner - The University. Data Trustee - Individual Vice Presidents with overall responsibility for the data subsets within their division. Data Steward - Sr. officials with responsibility for subsets of Institutional Data managed by their units. Data Manager - UM officials and their staff who have responsibility to collect, disseminate, and manage a specific data subset in their functional area. Data User - Any UM employee or student who has lawful and appropriate access to a specific data subset.

5 Office of Information Technology Office of Data Administration (ODA) Data Standards and Guidelines. –Data Management Structure –Data Policy Advisory Committee Data Integration Data Warehouse Data Access Data Quality

6 Office of Information Technology Solution Educate data stewards about purpose & use of the Directory. Educate Directory staff about data policies & steward concerns. Identify issues Research solutions Negotiate agreements Implement agreements

7 Office of Information Technology Process for Facilitating Solution Initial meeting – review technology & policy ODA conducted a series of meetings –IT and Data Stewards –ODA and IT Technical Staff Phone and Email exchanges ODA facilitated negotiations ODA documented agreements

8 Office of Information Technology Knowledge Acquisition Directory Data Access Methods –On-line web search –Database –Application Auth DN Data Policy –FERPA –UM defined “Directory” information –Employee privacy issues

9 Office of Information Technology What kind of information is available? Whether the data attribute is: Public vs. Private Whether the confidentiality and/or FERPA flags have been set by the individual faculty, staff or student. Whether you are a member of the University of MD community –Anonymous (can be seen outside UMCP) –Authenticated (Directory ID & Password) - UMCP –Auth DN – specific programmer requests

10 Office of Information Technology Data & Access Levels Person data – students, employees (UMCP & other), affiliates Directory “class” assignment –Normal – publicly visible, no special authorization –Sensitive – falls between Normal and Critical, currently no attributes are designated as Sensitive –Critical – requires authorization to view, only available to users with data steward approval

11 Example of Attribute Matrix “Critical” Type Directory Attribute On-line search of the Directory via OIT web page Search of the “publishable” section of Directory Database If approved with Application DN facsimileTelephoneNumberX* X homePhoneX* X homePostalAddressX* X mobileX* X pagerX* X postalAddress (office/local)X* X telephoneNumberX* X umAffiliateTypeX umAffiliateTypeCodeX umAppointmentX

12 Office of Information Technology Anonymous vs. Authenticated Rules Employees –Data visible by anonymous search –Name, title, department, business phone, email –Confidentiality flag determines home addr/phone display Students –Data visible by authenticated search only –If confidentiality = FERPA, nothing is displayed

13 Anonymous vs. Authenticated Access Directory Entry StatusVisible? Faculty/ Staff UMCP Student FERPA/ Buckley Student Hourly Student Employee Anonymous Access Authenticated Access Notes 1 X---Yes 2 XXNo-Yes (e.g. GA/FRA) 3 XXYes- (e.g. GA/FRA) 4 -XNo- Yes 5 -X No 6 ---XYes (non-UMCP student) 7 -XNoX Yes 8 -X XNo 9 X--XYes (fac/staff, hourly student)

14 Office of Information Technology Data Access Requests Requestor submits request to Directory Admin: –Requestor contact info –Application info –Data elements requested and justification for each –Storing, viewing, updating requested data –Population requested –Method & frequency of data needed –Server security info –Other data feeds already using

15 Office of Information Technology Data Access Requests – cont’d When a request is received, ODA facilitates: Unit Head approval Data Steward approval Security review Requestor’s agreement to the Statement of Understanding Account with approved data access issued

16 Office of Information Technology Today & in the Future 30 page document detailing agreements Re-evaluate how long people stay in the Directory Standardize Directory attributes used to identify people for enterprise applications Define institutional roles

17 Office of Information Technology Relevance to Other Institutions With increasing identity theft, need to be vigilant about protecting data. Need a strong partnership between data stewards & IT staff. Need consistency in methods for requesting & obtaining approvals for data access. Need to decide how broad a role the Directory will play regarding a data repository.

18 Office of Information Technology Questions?

19 Office of Information Technology Lead Presenter: Barbara Hope Director, Data Administration bhope@umd.edu Co-Presenter: Lori Kasamatsu Data Administration lkasamat@umd.edu

Download ppt "Office of Information Technology Balancing Technology and Privacy – the Directory Conundrum January 2007 Copyright Barbara Hope and Lori Kasamatsu 2007."

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Data, Policy, Stakeholders, and Governance Amy Brooks, University of Michigan – Ann Arbor Bret Ingerman, Vassar College Copyright Bret Ingerman 2004. This.

Data, Policy, Stakeholders, and Governance Amy Brooks, University of Michigan – Ann Arbor Bret Ingerman, Vassar College Copyright Bret Ingerman This.
Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.

Defining the Security Domain Marilu Goodyear John H. Louis University of Kansas.
Office of Information Technology Affiliates/Guests – Who are these people and how do we give them services? Copyright, Barbara Hope, University of Maryland,

Office of Information Technology Affiliates/Guests – Who are these people and how do we give them services? Copyright, Barbara Hope, University of Maryland,
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau 2004. This work is the intellectual property of the authors. Permission is granted for.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
LDAP-Enabled Privacy at The University of Notre Dame EduCAUSE conference, October 2002 Brendan Bellina Office of Information Technologies University of.

LDAP-Enabled Privacy at The University of Notre Dame EduCAUSE conference, October 2002 Brendan Bellina Office of Information Technologies University of.
Seeing the Forest and the Acorns in the Decision Tree Sandy Burke Computing Center HelpDesk Manager Copyright Sandy Burke, 2003. This work is the intellectual.

Seeing the Forest and the Acorns in the Decision Tree Sandy Burke Computing Center HelpDesk Manager Copyright Sandy Burke, This work is the intellectual.
Worcester Polytechnic Institute 1 Providing Technology Orientation for New Faculty and Staff Copyright © 2005 Worcester Polytechnic Institute This work.

Worcester Polytechnic Institute 1 Providing Technology Orientation for New Faculty and Staff Copyright © 2005 Worcester Polytechnic Institute This work.
Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.

Andrea Eastman-Mullins Information & Technology Coordinator University of North Carolina, Office of the President Teaching and Learning with Technology.
1 Collaborators at the Gates of Troy: Extending eServices at USC.

1 Collaborators at the Gates of Troy: Extending eServices at USC.
1 Extending Authenticated Online Services with Friend Accounts at Washington State University Brian Foley Technology Architect/Application Developer.

1 Extending Authenticated Online Services with "Friend Accounts" at Washington State University Brian Foley Technology Architect/Application Developer.
Copyright Jill M. Forrester 2008. This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Dashboard Company Settings Controlled Online Accounting.

Dashboard Company Settings Controlled Online Accounting.
Method: systematically gather citations by KU faculty and approach those faculty for permission to deposit on their behalf articles published in journals.

Method: systematically gather citations by KU faculty and approach those faculty for permission to deposit on their behalf articles published in journals.
June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park

June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park
Project Governance: Avoiding “Administrivia” Lisa Kosanovich Project Manager Center for Instructional Design Brigham Young University

Project Governance: Avoiding “Administrivia” Lisa Kosanovich Project Manager Center for Instructional Design Brigham Young University
Identity Management: The Legacy and Real Solutions Project Overview.

Identity Management: The Legacy and Real Solutions Project Overview.
UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, 2007. This work is the intellectual property of the author.

UWM CIO Office A Collaborative Process for IT Training and Development Copyright UW-Milwaukee, This work is the intellectual property of the author.

Similar presentations

Ads by Google