|
|
UD sets new protocols to prevent identity theft In all, three computers were stolen in the early morning hours of Friday, Dec. 3, from the departments offices. When it was brought to the attention of the department chairperson, Elizabeth M. Perse, that one of the computers contained students personal information, she wrote to all the students involved, notifying them of the theft and urging them to make themselves aware of information on identity theft contained on three governmental web sites. As soon as I found out in June there was a potential for identity theft, I contacted the students involved, Perse said. While it is possible that the information may lead to identity theft in the hands of an unauthorized person or persons, she said, the office continues to believe that the computers were taken for their hardware value, and not for the data on them. Perse said there were two levels of security protecting the data set one password to log onto the computer and another to open the database. Susan Foster, vice president for information technologies, said the departments delay between the theft in December and the notice to students in June is unfortunate. The theft of the computers was reported immediately to University Police, she said. However, contrary to UD policy, personal information had been recorded on one of them and that fact did not become known until recently. University personnel are better equipped today to deal with identity theft and related issues than they were even a few months ago, Foster said. The University has recently adopted protocols that will both provide greater security for personal information and ensure rapid notice of any event that may have compromised that security, she said. The world is becoming increasingly sensitive to the issue of identity theft, she said, which has become an issue because of the rapid development of information technology and the growing threat from people sophisticated in technology who have learned the value of certain data. Information Technologies has released a new set of guidelines [www.udel.edu/ssn/guid.html] aimed at helping departments secure PNPI and make sure they are in compliance with the Family Educational Rights and Privacy Act (FERPA) as well as other laws that govern the use of PNPI. The guidelines direct departments to ensure the privacy of PNPI by encrypting electronic transmissions, not storing PNPI locally, and protecting PNPI when working from home or outside the University. Information Technologies has also assembled a team of staff members who are available to visit University offices to evaluate the processes for handling PNPI and to discuss measures that will help protect computer systems and sensitive information. To request an audit of your departments computing equipment and uses of PNPI, call the Information Technologies Help Center at 831-6000. Protecting Personal Non-Public Information UD Computer Security Responsible Computing: A Manual for Staff Identity Theft To learn how to subscribe to UDaily, click here. |