)
ADVERTISEMENT
- UD launches Center for Political Communication
- Princeton anthropologist addresses human language and art in Darwin lecture
- Violinist Xiang Gao to lead China tour in June
- Delaware art history grad student honored for best paper
- MSERC programs in math education receive continued funding
- UD Library Associates elects officers for 2010
- Richards to return to faculty in College of Health Sciences
- UD Police seek information about injured student
- For the Record, Nov. 20, 2009
- UD in the News, Nov. 20, 2009
- UD planning teachers institute in cooperation with Yale National Initiative
- PCS, Academy of Lifelong Learning receive award
- Record 334 students receive General Honors Awards
- Vaughan elected interim president of national education organization
- Lambda Chi Alpha completes annual food drive
- Second Life Outsider art show seen a success
- Dec. 2: Former RNC chairperson Ed Gillespie to speak
- UD Collegiate Figure Skating Team wins Cornell competition
- UD students tour CIA headquarters
- Interdisciplinary Humanities Research Center established
- American Vacuum Society honors UD doctoral student
- UD hosts annual Delaware Space Grant Research Symposium
- UD ranks among top institutions in study abroad
- UD's second hydrogen fuel cell bus carries special guests
- UD, Olympic movement complete coaching enrichment modules
- University awarded grant for prostate cancer research
- 5 things you need to know about H1N1 influenza
- Junior Chefs Rockfish Cook-Off accepting entries
- More News >>
- Dec. 2: Former RNC chairperson Ed Gillespie to speak
- Nov. 30-Dec. 4: College School schedules book fair
- Dec. 1: LGBT community to mark World AIDS Day
- Dec. 3: Center plans Pre-Kwanzaa Celebration
- Dec. 6: New Castle County Alumni Club plans Winterthur holiday event
- Dec. 6: UD alumni events planned in Baltimore, Philadelphia
- Dec. 6: 'Jams for Jimmy' benefit concert to be held in Wilmington
- Dec. 7: Black Student Union to present program on racial stereotypes
- Oct. 11-Nov. 29: International Film Series offered Sundays at Trabant
- Sept. 9-Dec. 2: 'Assessing Obama' series to feature faculty, national speakers
- Sept. 9-Dec. 2: 'Research on Women' fall lecture series announced
- Sept. 18-Dec. 18: Library's 'Lion Awakes' exhibition looks at reggae, Marley
- Sept. 26-May 1: Take in an opera at the Met with UD matinee tickets
- More What's Happening >>
- UD calendar >>
- Changes ahead for recognition of student honors
- Bicyclists, motorists need to watch out for one another
- Career Services Center announces online voting for top video
- Nominations sought for Redding Award recognizing campus diversity efforts
- Nov. 30: Chemical hygiene, lab safety survey deadline
- Princeton Review announces student survey
- UD's Winter Faculty Institute kicks off Jan. 5
- Student anchors, videographers compete for spot at 82nd Academy Awards
- State offers UD faculty, staff free health risk assessment
- Upgrade to Windows 7 available for UD students
- More Campus FYI >>
1:44 p.m., Oct. 22, 2009----Not a month goes by without a computer security breach being reported in the press.
“Earlier this month, the University of North Carolina had to notify subjects in a medical study that their personal information had been exposed,” Scott Sweren, UD's information security officer, said. “And a community college in New York had to hire a firm to monitor the credit reports for 300 students whose social security numbers were accidentally distributed via e-mail.”
Sweren said that avoiding situations like these is why UD Information Technologies staff take advantage of National Cyber Security Awareness Month to remind faculty and staff that information security is everyone's business.
How should I store confidential information?
According to Ian Janssen, director of University Archives and Records Management, you should start with some common sense steps. “Take simple precautions to protect confidential information, in both portable electronic storage media and hard-copy formats,” he said. “Always store confidential material in locked cabinets when stored within your unit, and limit physical access to only those individuals who actually need to use the information.”
Ron Nichols, manager in IT-Client Support and Services, said that there are some additional steps you should take with electronic information. “Don't leave files open on your computer when you walk away from your desk,” he said. “Whenever possible, store confidential information on a secure server, not on a USB drive, laptop, or desktop computer. But if you do store confidential information, for example your students' grades, on your own computer, encrypt the information.”
Sweren said that those departments, faculty, and staff that still store personal, non-public information (PNPI) locally need to encrypt this information to be in compliance with the University's PNPI policy.
“Encrypting information with a program like AxCrypt jumbles the information so that only those people who have the key or password can see the information,” Nichols added. “If you ever have to take confidential data off campus, it is essential that you encrypt the data. What if your computer is stolen or you leave the USB drive that contains the data on an airplane? Encrypting the information keeps it safe in cases like these.”
Janssen suggested that some units might prefer to use the records management program operated by University Archives and Records Management. “Our program lets you send confidential information to our secure on-site and off-site storage facilities in accordance with the records retention schedule created for your unit,” he said. “This service is available at no cost, and materials stored under the records management program are available with 24 hours notice, or on the same day in the event of an emergency.”
How should I back up confidential data?
According to Nichols, “If you store your information on a secured server, either one operated by IT or one operated by your department, the back-ups should automatically be secure. But if you back up your own files to an external drive, remember that anything you have not encrypted is vulnerable.”
Janssen indicated that it is best if back-ups of critical information -- confidential or not -- are stored “in a secured location away from your center of operations. University Archives and Records Management can store your backups within its secured facilities on campus, or can place them in secure off-campus storage.”
How do I destroy confidential data?
“We know that one way criminals find PNPI is by 'dumpster-diving' -- searching trash bins for confidential paper documents and examining hard drives on discarded computers,” Sweren said. “So it is critical that you dispose of confidential data securely.”
Janssen indicated that bulk destruction of confidential data and records is another service offered by University Archives and Records Management. “We don't charge for this service, so a unit's cost is limited to the expenses of transporting the records to 002 Pearson Hall.”
He added that a certificate of destruction is available upon request, saying, “We coordinate the destruction of data stored on both paper and electronic media, including disks, tapes, and hard drives.”
Sweren said that many departments and offices already do a good job of shredding paper documents containing PNPI, or of shipping large amounts of PNPI to Archives and Record Management's bulk destruction service, “but they forget that it takes more than deleting a computer file to completely eradicate it.”
“At our PNPI site, we have information about completely erasing files and about eradicating all the data on a disk,” Nichols said. “We recommend that, before a computer is sent to surplus or donated, that the computer's hard drive be 'wiped.'”
Sweren said that when you start working on a project that involves confidential information, “You need to develop a records retention plan that includes secure storage, limited access and the destruction of confidential information when it's no longer needed.”
“So long as faculty and staff at UD do a good job of managing the paper documents and computer files that contain confidential information, UD can avoid the problems other schools have had with stolen laptops containing Social Security numbers, credit card numbers lost to hackers and other breaches that expose people's PNPI to potential identity thieves,” Sweren concluded.
For more information:
University Archives and Records Management: 831-2750
University Archives and Records Management's Records Management Manual
Information about Software Tools to Protect PNPI