Presentation is loading. Please wait.

Presentation is loading. Please wait.

Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,

Published byMelina Casey Modified over 9 years ago

Similar presentations

Presentation on theme: "Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,"— Presentation transcript:

1 Management of Data as Responsible Use ICPL 2005

2 Information Privacy and Security As usual in higher education, different institution will have, and take, different approaches to the protection, preservation, and proper use of their IT resources and assets: –Hardware –Software –Data

3 Privacy and Security Security and Privacy Security –Administrative Program –Logical Availability Integrity Confidentiality –Physical Locks and Keys Privacy –Transparency Data collected/stored Relevancy –Disclosure Notice –Control Correct Mistakes Opt-In or Out –Security Administrative Logical Physical

4 Data… Is at the core of the intersection between security and privacy, not least in the experience of information technologies.

5 Comprehensive Information Security Policies UC-Berkeley Framework –http://ist-socrates.berkeley.edu:2002/pols.htmlhttp://ist-socrates.berkeley.edu:2002/pols.html UCOP –http://www.ucop.edu/ucophome/policies/bfb/is3.pdfhttp://www.ucop.edu/ucophome/policies/bfb/is3.pdf Princeton –http://www.princeton.edu/~protect/PoliciesAndGuidelines/Info SecPolicy05-21-2004.pdfhttp://www.princeton.edu/~protect/PoliciesAndGuidelines/Info SecPolicy05-21-2004.pdf Chicago –https://security.uchicago.edu/regulated- computers/policy.shtml

6 Data Classification and Stewardship Classification –http://www.stanford.edu/group/security/clas sification/classification_of_data.htmlhttp://www.stanford.edu/group/security/clas sification/classification_of_data.html Stewardship –http://www.itc.virginia.edu/policy/itcadmina ppendixa.htmlhttp://www.itc.virginia.edu/policy/itcadmina ppendixa.html –http://www.web.virginia.edu/iaas/data_catal og/institutional/data_digest/datadigest.htmlhttp://www.web.virginia.edu/iaas/data_catal og/institutional/data_digest/datadigest.html

7 Cornell IT Policy Framework http://www.cit.cornell.edu/oit/policy/frame work-chart.html

8 Security of Information Technology Resources Every user responsible for security of devices connected to the network Five Categories of Users/Obligations IT Director: coordinate security program Unit Heads: oversee (for their unit) Security Liaisons: effectuate (unit risk assessment) Local Support Provider: implement (desktop) User: know who you are and don’t share password!

9 Responsible Use of IT Resources Every user must manage the data on their IT devices Five Categories of Users/Obligations IT Data Director: coordinate Stewards: oversee (policy) Data Liaisons: effectuate (inventory/flows) Custodians: implement (secure that web page!) Users: know who you are (and don’t infringe copyright!)

10 Conclusion Protection, preservation and appropriate use of institutional IT assets and interests requires comprehensive information data and security programs. That an institution have such programs is a given; how they are constructed goes to the history, culture and tradition of the institution.

Download ppt "Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,"

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Evolution of Data Use and Stewardship Recent University-wide Data Stewardship Enhancements Integrated System Data Stewardship Shirley C. Payne, CISSP,

Evolution of Data Use and Stewardship Recent University-wide Data Stewardship Enhancements Integrated System Data Stewardship Shirley C. Payne, CISSP,
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Overview of IS Controls, Auditing, and Security Fall 2005.

Overview of IS Controls, Auditing, and Security Fall 2005.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Effective Design of Trusted Information Systems Luděk Novák,

Effective Design of Trusted Information Systems Luděk Novák,
Security Policies for Institutions of Higher Education Ardoth A. Hassler, Associate VP for University Information Services, Georgetown University Tracy.

Security Policies for Institutions of Higher Education Ardoth A. Hassler, Associate VP for University Information Services, Georgetown University Tracy.
Security Controls – What Works

Security Controls – What Works
All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.

All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
The Pieces and the Puzzle of IT Policy University Computer Policy and Law Program April 7, 2004.

The Pieces and the Puzzle of IT Policy University Computer Policy and Law Program April 7, 2004.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Peer Information Security Policies: A Sampling Summer 2015.

Peer Information Security Policies: A Sampling Summer 2015.
Information Asset Classification

Information Asset Classification
Privacy and Security Risks in Higher Education

Privacy and Security Risks in Higher Education
Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.

1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
1 Introduction to Information Security. 2 Historical aspects of InfoSec Critical characteristics of information CNSS security model Systems development.

1 Introduction to Information Security. 2 Historical aspects of InfoSec Critical characteristics of information CNSS security model Systems development.

Similar presentations

Ads by Google