ADVERTISEMENT
- Rozovsky wins prestigious NSF Early Career Award
- UD students meet alumni, experience 'closing bell' at NYSE
- Newark Police seek assistance in identifying suspects in robbery
- Rivlin says bipartisan budget action, stronger budget rules key to reversing debt
- Stink bugs shouldn't pose problem until late summer
- Gao to honor Placido Domingo in Washington performance
- Adopt-A-Highway project keeps Lewes road clean
- WVUD's Radiothon fundraiser runs April 1-10
- W.D. Snodgrass Symposium to honor Pulitzer winner
- New guide helps cancer patients manage symptoms
- UD in the News, March 25, 2011
- For the Record, March 25, 2011
- Public opinion expert discusses world views of U.S. in Global Agenda series
- Congressional delegation, dean laud Center for Community Research and Service program
- Center for Political Communication sets symposium on politics, entertainment
- Students work to raise funds, awareness of domestic violence
- Equestrian team wins regional championship in Western riding
- Markell, Harker stress importance of agriculture to Delaware's economy
- Carol A. Ammon MBA Case Competition winners announced
- Prof presents blood-clotting studies at Gordon Research Conference
- Sexual Assault Awareness Month events, programs announced
- Stay connected with Sea Grant, CEOE e-newsletter
- A message to UD regarding the tragedy in Japan
- More News >>
- March 31-May 14: REP stages Neil Simon's 'The Good Doctor'
- April 2: Newark plans annual 'wine and dine'
- April 5: Expert perspective on U.S. health care
- April 5: Comedian Ace Guillen to visit Scrounge
- April 6, May 4: School of Nursing sponsors research lecture series
- April 6-May 4: Confucius Institute presents Chinese Film Series on Wednesdays
- April 6: IPCC's Pachauri to discuss sustainable development in DENIN Dialogue Series
- April 7: 'WVUDstock' radiothon concert announced
- April 8: English Language Institute presents 'Arts in Translation'
- April 9: Green and Healthy Living Expo planned at The Bob
- April 9: Center for Political Communication to host Onion editor
- April 10: Alumni Easter Egg-stravaganza planned
- April 11: CDS session to focus on visual assistive technologies
- April 12: T.J. Stiles to speak at UDLA annual dinner
- April 15, 16: Annual UD push lawnmower tune-up scheduled
- April 15, 16: Master Players series presents iMusic 4, China Magpie
- April 15, 16: Delaware Symphony, UD chorus to perform Mahler work
- April 18: Former NFL Coach Bill Cowher featured in UD Speaks
- April 21-24: Sesame Street Live brings Elmo and friends to The Bob
- April 30: Save the date for Ag Day 2011 at UD
- April 30: Symposium to consider 'Frontiers at the Chemistry-Biology Interface'
- April 30-May 1: Relay for Life set at Delaware Field House
- May 4: Delaware Membrane Protein Symposium announced
- May 5: Northwestern University's Leon Keer to deliver Kerr lecture
- May 7: Women's volleyball team to host second annual Spring Fling
- Through May 3: SPPA announces speakers for 10th annual lecture series
- Through May 4: Global Agenda sees U.S. through others' eyes; World Bank president to speak
- Through May 4: 'Research on Race, Ethnicity, Culture' topic of series
- Through May 9: Black American Studies announces lecture series
- Through May 11: 'Challenges in Jewish Culture' lecture series announced
- Through May 11: Area Studies research featured in speaker series
- Through June 5: 'Andy Warhol: Behind the Camera' on view in Old College Gallery
- Through July 15: 'Bodyscapes' on view at Mechanical Hall Gallery
- More What's Happening >>
- UD calendar >>
- Middle States evaluation team on campus April 5
- Phipps named HR Liaison of the Quarter
- Senior wins iPad for participating in assessment study
- April 19: Procurement Services schedules information sessions
- UD Bookstore announces spring break hours
- HealthyU Wellness Program encourages employees to 'Step into Spring'
- April 8-29: Faculty roundtable series considers student engagement
- GRE is changing; learn more at April 15 info session
- April 30: UD Evening with Blue Rocks set for employees
- Morris Library to be open 24/7 during final exams
- More Campus FYI >>
1:44 p.m., Oct. 22, 2009----Not a month goes by without a computer security breach being reported in the press.
“Earlier this month, the University of North Carolina had to notify subjects in a medical study that their personal information had been exposed,” Scott Sweren, UD's information security officer, said. “And a community college in New York had to hire a firm to monitor the credit reports for 300 students whose social security numbers were accidentally distributed via e-mail.”
Sweren said that avoiding situations like these is why UD Information Technologies staff take advantage of National Cyber Security Awareness Month to remind faculty and staff that information security is everyone's business.
How should I store confidential information?
According to Ian Janssen, director of University Archives and Records Management, you should start with some common sense steps. “Take simple precautions to protect confidential information, in both portable electronic storage media and hard-copy formats,” he said. “Always store confidential material in locked cabinets when stored within your unit, and limit physical access to only those individuals who actually need to use the information.”
Ron Nichols, manager in IT-Client Support and Services, said that there are some additional steps you should take with electronic information. “Don't leave files open on your computer when you walk away from your desk,” he said. “Whenever possible, store confidential information on a secure server, not on a USB drive, laptop, or desktop computer. But if you do store confidential information, for example your students' grades, on your own computer, encrypt the information.”
Sweren said that those departments, faculty, and staff that still store personal, non-public information (PNPI) locally need to encrypt this information to be in compliance with the University's PNPI policy.
“Encrypting information with a program like AxCrypt jumbles the information so that only those people who have the key or password can see the information,” Nichols added. “If you ever have to take confidential data off campus, it is essential that you encrypt the data. What if your computer is stolen or you leave the USB drive that contains the data on an airplane? Encrypting the information keeps it safe in cases like these.”
Janssen suggested that some units might prefer to use the records management program operated by University Archives and Records Management. “Our program lets you send confidential information to our secure on-site and off-site storage facilities in accordance with the records retention schedule created for your unit,” he said. “This service is available at no cost, and materials stored under the records management program are available with 24 hours notice, or on the same day in the event of an emergency.”
How should I back up confidential data?
According to Nichols, “If you store your information on a secured server, either one operated by IT or one operated by your department, the back-ups should automatically be secure. But if you back up your own files to an external drive, remember that anything you have not encrypted is vulnerable.”
Janssen indicated that it is best if back-ups of critical information -- confidential or not -- are stored “in a secured location away from your center of operations. University Archives and Records Management can store your backups within its secured facilities on campus, or can place them in secure off-campus storage.”
How do I destroy confidential data?
“We know that one way criminals find PNPI is by 'dumpster-diving' -- searching trash bins for confidential paper documents and examining hard drives on discarded computers,” Sweren said. “So it is critical that you dispose of confidential data securely.”
Janssen indicated that bulk destruction of confidential data and records is another service offered by University Archives and Records Management. “We don't charge for this service, so a unit's cost is limited to the expenses of transporting the records to 002 Pearson Hall.”
He added that a certificate of destruction is available upon request, saying, “We coordinate the destruction of data stored on both paper and electronic media, including disks, tapes, and hard drives.”
Sweren said that many departments and offices already do a good job of shredding paper documents containing PNPI, or of shipping large amounts of PNPI to Archives and Record Management's bulk destruction service, “but they forget that it takes more than deleting a computer file to completely eradicate it.”
“At our PNPI site, we have information about completely erasing files and about eradicating all the data on a disk,” Nichols said. “We recommend that, before a computer is sent to surplus or donated, that the computer's hard drive be 'wiped.'”
Sweren said that when you start working on a project that involves confidential information, “You need to develop a records retention plan that includes secure storage, limited access and the destruction of confidential information when it's no longer needed.”
“So long as faculty and staff at UD do a good job of managing the paper documents and computer files that contain confidential information, UD can avoid the problems other schools have had with stolen laptops containing Social Security numbers, credit card numbers lost to hackers and other breaches that expose people's PNPI to potential identity thieves,” Sweren concluded.
For more information:
University Archives and Records Management: 831-2750
University Archives and Records Management's Records Management Manual
Information about Software Tools to Protect PNPI