1 / 11

Best Practices for Managing Sensitive Data at Virginia Tech

This document outlines effective practices for managing sensitive data at Virginia Tech, emphasizing the importance of protecting student and employee privacy, maintaining data integrity, and minimizing legal risks. Key strategies include proactive measures, creating a structured framework, securing support from essential stakeholders, and ensuring compliance with security standards for social security numbers (SSNs). It highlights the collective role of the IT organization and community members in enhancing data security awareness. Future plans focus on meeting ongoing challenges in safeguarding personally identifiable information (PII).

kaiyo
Télécharger la présentation

Best Practices for Managing Sensitive Data at Virginia Tech

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008

  2. VT EP for Managing Sensitive Data Our needs… • Stay out of the Press. • Stay out of the courts. • Preserve the integrity of the data. • Respect the privacy of our students and employees.

  3. VT EP for Managing Sensitive Data #1: Do what you can when you can do it. Pre-2003

  4. VT EP for Managing Sensitive Data #2. Create a framework for doing it.

  5. VT EP for Managing Sensitive Data • #3. Garner support from the Big Sticks. • Board of Visitors • University Legal Counsel • Internal Audit • Campus Police

  6. VT EP for Managing Sensitive Data #4. Don’t think you’re done. 2008

  7. VT EP for Managing Sensitive Data Security Standards for Social Security Numbers • IT Standards • SSN on display screens, reports • Security protocol to access SSN on VT DB • Electronic Storage of SSN (encrypt it) • Electronic transmission of SSN (encrypt it) • Obtain permission to include SSN in ANY electronic system • Records management handles paper documents

  8. VT EP for Managing Sensitive Data Benefits • Lack of a complete solution has not prevented us from implementing partial solutions. • Everyone has a role. • Members of the IT organization and the university have increased their involvement, interest and awareness in security through policy development, tool development and by participating in VT IT Security Task Force.

  9. VT EP for Managing Sensitive Data Challenges • Pulling all the pieces together to create a comprehensive plan for securing personally identifying information (PII).

  10. VT EP for Managing Sensitive Data Future Plans • Meet the challenge!

  11. VT EP for Managing Sensitive Data References • Virginia Tech IT-Related University Policies http://www.policies.vt.edu/index.php#it • Security Standards for Social Security Numbers http://computing.vt.edu/administrative_systems/banner/security%20standards_5July05.pdf • Virginia Tech Certification Authority http://www.pki.vt.edu • Virginia Tech Information Technology Security Office http://security.vt.edu • Virginia Tech IT Security Task Force https://content.cc.vt.edu/confluence/display/ITS/Home • Administrative Data Management and Access Policy http://www.policies.vt.edu/7100.pdf

More Related