Presentation is loading. Please wait.

Presentation is loading. Please wait.

GOOD INFORMATION SECURITY PRACTICES Keeping Sensitive Data Confidential Tim Thomas Region 6 Coordinator WCGRH LAN Engineer DHR/OIT.

Published byGarey McGee Modified over 9 years ago

Similar presentations

Presentation on theme: "GOOD INFORMATION SECURITY PRACTICES Keeping Sensitive Data Confidential Tim Thomas Region 6 Coordinator WCGRH LAN Engineer DHR/OIT."— Presentation transcript:

1 GOOD INFORMATION SECURITY PRACTICES Keeping Sensitive Data Confidential Tim Thomas Region 6 Coordinator WCGRH LAN Engineer DHR/OIT

2 Office of Information Technology DHR Helpdesk 1-800-764-1017

3 Office of Information Technology Keep A Lid On It! Keep private information confidential. –Some of you may be handling very sensitive data People’s private health information People’s private financial information People’s private family information –Only share sensitive information with people who are authorized to know –That includes verbally, in writing and electronically

4 Office of Information Technology GEORGIA DEPARTMENT OF HUMAN RESOURCES Human Resource/Personnel Policy #1205 USE OF STATE PROPERTY EFFECTIVE DATE: June 1, 2003 RELEASE DATE: May 30, 2003 REFERENCE: DHR Human Resource/Personnel Policy #1201 - Standards of Conduct and Ethics in Government State property is to be used for work-related reasons only. Employees are not to use, misuse or permit the use of State property for other than work-related reasons. State property includes, but is not limited to: computers, telephones, cellular phones, fax machines, copiers or other equipment, supplies, vehicles, work areas and furniture.

5 Office of Information Technology Email, Internet and other computer tools and equipment are provided to employees for work-related reasons, and must be used for work-related purposes. The display or transmission of sexually oriented material is prohibited. Other prohibited uses include, but are not limited to, ethnic slurs, racial or other off-color jokes or remarks, game playing, or anything that may be considered harassment or expressing disrespect for others. Employees are not to engage in other employment activities while on duty. Conducting personal business or otherwise performing other employment activities using computers is prohibited. All information in state computers, including but not limited to e- mail transmittals, is subject to inspection by appropriate management at any time. No employee has a privacy interest in any information contained in a state computer.

6 Office of Information Technology

7

8 Passwords

9 Office of Information Technology Express Yourself! Be creative in choosing passwords –Use at least 8 characters in your password The bigger they are the harder it is to make them fall –Use numbers and special characters in your password Special Characters: !@#%&*?$ –Use phrases to create your password It’s a beautiful day in the neighborhood: 1@bD1tn! –Pick a verse favorite of your song… I want to be a number one: Iw2b@#1!

10 Office of Information Technology http://password.dhr.state.ga.us Username@dhr.state.ga.us Password Reset

11 Office of Information Technology Password Reset

12 Office of Information Technology Password Reset

13 Office of Information Technology Password Reset

14 Office of Information Technology E-Mails

15 Office of Information Technology Fear The Unknown! Don't open email attachments from unknown sources. –Be suspicious of any unexpected email –If it comes from outside and you don’t know the sender, delete it. Curiosity has its place! –If it comes from the inside and looks suspicious contact the person and verify they sent it If they didn’t send it, notify the information security office or the helpdesk 1-800-764-1017. Don’t visit inappropriate web sites

16 Office of Information Technology Internet

17 Office of Information Technology Internet Security and Use DHR has Internet services to support the advancement of business goals and objectives. Use of computer resources and networks must be business-oriented. Internet access is monitored and recorded Each use of the internet must be able to withstand public scrutiny without embarrassment to DHR or the State of Georgia. Limited personal use is acceptable and is subject to the same acceptable usage policies. Users must not access inappropriate sites. Accessing sites with offensive material is prohibited. Remember the Internet is not private. Any site on the Internet can trace you to your name and location.

18 Office of Information Technology Some Examples of Inappropriate Internet Usage Illegal activities Wagering or betting Harassment and illegal discrimination Commercial activities (e.g., personal for-profit business activities) Promotion of political or religious positions or activities Receipt, storage or transmission of offensive, racist, sexist, obscene or pornographic information Downloading software (including games, wallpaper, weather programs and screen savers) unless agency sanctioned (and installed by DHR Technical Support) Use by individuals other that state employees Chat sessions or bulletin boards, unless business related Online/Streaming - Music, video’s, News/Entertainment

19 Office of Information Technology Cover Your Tracks! Don’t leave sensitive information lying around. –Always lock your PC screen when you are leaving your work area 3 finger salute (ctrl+alt+del) –Perform a perimeter check at the end of the day Lock away papers containing sensitive information Shut down your computer Make sure not sensitive information is exposed

20 Office of Information Technology Shred and Forget It! We are required to properly dispose of data that is of no more use, regardless of the media type. –Overwrite DOD Standard 5220.22-M –Degauss Electromagnetic cleansing –Destroy Physical destruction of the media

21 Office of Information Technology We Are Our Brother’s Keeper! Information Security is everyone’s responsibility. –It’s part of your job function –Federal, State, & DHR mandates that we protect this sensitive information –Failing to abiding by these mandates is punishable by fine and/or imprisonment Could cost the state money and embarrassment Could cost constituents money and embarrassment Could cost you money, embarrassment and freedom

22 Office of Information Technology Stay Mindful! So, always be mindful of your responsibility as it pertains to sensitive information that the State has entrusted you with and enjoy a long an prosperous career here at DHR.

23 Office of Information Technology DHR Helpdesk 1-800-764-1017

24 GOOD INFORMATION SECURITY PRACTICES Keeping Sensitive Data Confidential Tim Thomas tlthomas@dhr.state.ga.us 706-718-6110

Download ppt "GOOD INFORMATION SECURITY PRACTICES Keeping Sensitive Data Confidential Tim Thomas Region 6 Coordinator WCGRH LAN Engineer DHR/OIT."

Similar presentations

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.
Laptop Responsibilities Memorial Middle School Laredo ISD.

Laptop Responsibilities Memorial Middle School Laredo ISD.
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
Hart District Acceptable Use Policy Acceptable Use Policy.

Hart District Acceptable Use Policy Acceptable Use Policy.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.

Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
Acceptable Use Policy (or Fair Use): For Users of Computers and other technology.

Acceptable Use Policy (or Fair Use): For Users of Computers and other technology.
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
Uintah School District Acceptable Use for Computer and Network Access.

Uintah School District Acceptable Use for Computer and Network Access.
Boyertown Area School District Acceptable Use Policy.

Boyertown Area School District Acceptable Use Policy.
Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.

Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.
Acceptable Use By: Keith R. Watson CoC Information Security Manager.

Acceptable Use By: Keith R. Watson CoC Information Security Manager.
Hectic Ethics Computer Applications Mrs. Wohleb. Objectives Students will be able to: Describe ethical considerations resulting from technological advances.

Hectic Ethics Computer Applications Mrs. Wohleb. Objectives Students will be able to: Describe ethical considerations resulting from technological advances.
Riverside Community School District

Riverside Community School District
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
VISD Acceptable Use Policy

VISD Acceptable Use Policy
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

Similar presentations

Ads by Google