1 / 25

Staff development Day

Staff development Day. Security & New Technologies College of Dentistry The Ohio State University. Ahhh , security. Restricted Data. OSU Classifies 3 Levels of Data Public – Ordinary information, freely available (stats, websites, publications, etc.)

jolene
Télécharger la présentation

Staff development Day

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Staff development Day Security & New Technologies College of Dentistry The Ohio State University

  2. Ahhh, security

  3. Restricted Data • OSU Classifies 3 Levels of Data • Public – Ordinary information, freely available (stats, websites, publications, etc.) • Limited Access – Data with access controlled via username & password (this includes ANY data in any enterprise system, unless otherwise specified, such as SIS, PeopleSoft, etc.) • Restricted

  4. Why is it restricted? • Adversely affect the ability of the University to accomplish its mission • Lead to possibility of identity theft if released • Put the University in a state of non-compliance with various state and federal regulations such as FERPA, HIPAA, or GLBA • Put the University in a state of non-compliance with contractual obligations such as payment card industry (PCI) data security standards

  5. Handling Restricted Data • Data must be secured at all times • Data can not be stored or transported on any non-OSU owned device, not even if it is encrypted • Data can not be emailed to or from a standard email system

  6. What if I need to email restricted data? Don’t Use the Telephone Speak face to face

  7. But… I really, really need to email it • OSUSECURE

  8. How does it work? OSUSECURE

  9. What does the recipient see? • It depends • If they are on the OSU UES… no difference! • Including the OSU Medical Center • By the end of 2014, will include entire University • If they are on a compatible secure system, exactly what you sent, except for a Zix footer! • If they are not using a compliant mail system…

  10. What does the recipient do?

  11. Nothings Perfect • osu.edu ≠ osu.edu • Students are NOT a part of the University Email System (UES) • BuckeyeMail, which is actually a cloud based email service , run, and managed by Microsoft • Restricted Data can not be stored or transported on any non-OSU owned device or network • Uh Oh owned

  12. Mobile Device Considerations • Many, many options • iOS, Android, Blackberry, Windows, etc. • Greater & greater technologies • Variations make a “one-size fits all” approach difficult • Secure access with a password • If possible, encrypt it • Back up important images – to Box! • Don’t store any restricted information • Be prepared to wipe data from the phone if lost or stolen

  13. Secure it!

  14. Anything Else? • No Forwarding if you expect to receive restricted email • Visit https://my.osu.edu to disable forwarding • “Wipe” a lost device at https://email.osu.edu • What if someone sends me restricted data?

  15. BuckeyeBox

  16. What is BuckeyeBox • Cloud Storage, up to 50gb, free for every faculty, staff, & student at OSU • Accessible from any internet device, using just your University credentials (name.nnn + password) • Mobile versions • Application Integration • Collaborative capabilities, with task assignment • NOT FOR RESTRICTED DATA • Yet • Except for FERPA

  17. Why would I use BuckeyeBox? • To share documents with people outside of the College of Dentistry, or The Ohio State University • To store non-restricted data that I might need when I am away from the College (no VPN required) • To distribute documents that I need to track who has seen or modified them • To distribute non-restricted data to students while they are away from the College

  18. I’m in. How do I get started? • Sign up • At https://buckeyebox.osu.edu • Log on • At https://buckeyebox.osu.edu • Get Started • Video

  19. BuckeyeBox! • Box can generate a link, that you can control, to share any content • https://osu.box.com/s/1emdhj3du071v03wgmro • Users need not be Box users to access shared files • Users need not log on to Box to access shared files (but you can password protect your data) • You can keep people from downloading your shared files

  20. Things You Don’t Want • Gone Phishing • Blocking Unwanted Mail

  21. Phishing? • A scam involving email • A “phisher” sends out massive amounts of spam, in the hopes that some people will fall for the scam • Once they have your account information, they will use it however they want • Attack a network • Financial gain • Send more phishing attacks … and someone always does

  22. How do I know? But wait, Who? SCAM Dear Who? “The” All staffs? And most important… OSU will never ask you to divulge sensitive information! Mandatory! Do not ignore! It’s friendly enough… Seems legitimate. It has our logo. And some tiny little important sounding words…

  23. A few more real world examples

  24. Questions?

More Related