1 / 19

Securing and Protecting Citizens' Data

Securing and Protecting Citizens' Data. J. Rick Mihalevich Dean of Information Technology Linn State Technical College rick.mihalevich@linnstate.edu 573.897.5129 June 18, 2009. Securing and Protecting Citizen Data Goals. Provide awareness of the need

huela
Télécharger la présentation

Securing and Protecting Citizens' Data

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing and Protecting Citizens' Data J. Rick Mihalevich Dean of Information Technology Linn State Technical College rick.mihalevich@linnstate.edu 573.897.5129 June 18, 2009

  2. Securing and Protecting Citizen DataGoals • Provide awareness of the need • Provide awareness of the major laws that impact public entities • Provide information on best practices, technology, and trends • Provide resources for further information

  3. Security Concerns and Public Entities • Open • Accessible • Transparent • Accountable

  4. Linn State Technical CollegeSecurity Infrastructure • LSTC currently utilizes XXXXXX to provide data XXXXXX processes which impacts approximately XXXXXX blocked attacks daily. • XXXXXXX manages a XXXX XXXX router at the gateway • LSTC utilizes XXXXXX Firewall • The DMZ is attached to a XXXXXXX appliance. • All packets are inspected by XXXXXX and XXXX security software is used to protect against XXXXXX attacks.

  5. Examples of Compromised Data • 2006 26.5 million veterans was compromised when a laptop was stolen • 2007 Inspector General for Tax Administration found 490 laptops containing sensitive taxpayer data had been lost or stolen • 2006 Employee information at the department of agriculture was compromised by unauthorized access

  6. Selected Laws Governing Use of of Public Data • FERPA: Family educational rights and privacy act • HIPAA: Health insurance portability and accountability act • GLB: Gramm-Leach-Bliley Act • The Privacy Act • E-government Act • FISMA: The Federal Information Security Management act

  7. Conclusions • Conclusion #1: LSTC Infrastructure • Security by Obscurity • Conclusion #2: Examples of Compromised Data • Employees may pose the greatest risk • Conclusion #3: Public Laws • Balance between openness and security • Public Trust • Restricting access, in the name of security is no vise

  8. Best Practices In Higher Education

  9. Technology • Pass Phrase • Thumb drive encryption • Encryption of laptops • Virtual Private Networks (VPN’s) • Touchpad security • Effective patch management

  10. Best Practices • Security officer • Security by Obscurity • Not using SSN • Training and awareness • Change passwords frequently (Strong) • Don’t click on e-mail links

  11. Resources

  12. Resources • www.cybersecurity.mo.gov • www.msisac.org • Department of Homeland Security • National Governors Association Center for Best Practices • National Association of Chief Information Officers • Governmental Accountability Office

  13. Next Panelist

  14. Other Information – May be used for Q & A or conclusion

  15. Guidelines for Protecting Citizen Data • Principles of openness, accuracy, transparency and accountability • How would you like your personal information handled • fairly and lawfully process it • process it only for limited, specifically stated purposes • use the information in a way that is adequate, relevant and not excessive • use the information accurately • keep the information on file no longer than absolutely necessary • process the information in accordance with your legal rights • keep the information secure • never transfer the information outside

  16. Guidelines for Protecting Citizen Data – Stronger Protection needed • ethnic background • political opinions • religious beliefs • health • sexual life • criminal history

More Related