Financial Services Workshop
This presentation is the property of its rightful owner.
Sponsored Links
1 / 13

Financial Services Workshop Margaret Umphrey ECU Information Security Officer [email protected] March 12, 2014 PowerPoint PPT Presentation


  • 51 Views
  • Uploaded on
  • Presentation posted in: General

Financial Services Workshop Margaret Umphrey ECU Information Security Officer [email protected] March 12, 2014. Information Security.

Download Presentation

Financial Services Workshop Margaret Umphrey ECU Information Security Officer [email protected] March 12, 2014

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Financial services workshop margaret umphrey ecu information security officer itsecurity ecu edu march 12 2014

Financial Services Workshop

Margaret Umphrey

ECU Information Security Officer

[email protected]

March 12, 2014

IT Security, East Carolina University


Information security

Information Security

Enabling your information systems to provide the services required to meet your instructional and research goals, while protecting the critical information entrusted to you

IT Security, East Carolina University


Test your awareness skills

Test Your Awareness Skills

  • It is ok to share my login and password with my supervisor in order access my data when I’m out of the office .

  • It is ok to access my ECU email on my smartphone even though I don’t have a password.

  • Should I inform the Helpdesk if I lose my personal smartphone?

  • I love my IPAD to access ECU email! Since my ECU email has a password, it’s not important to have a pw on my IPAD.

  • If others school use a PCI compliant solution, I don’t need to get approval to use the same solution.

IT Security, East Carolina University


Information security tips

Information Security Tips

  • Use strong passwords and do not share them with ANYONE

  • Lock your computer (Ctrl-Alt-Del) when not in use

  • Lock office doors, drawers, and cabinets where sensitive information is stored

  • Never leave your laptop unattended in public

  • Encrypt all portable devices

IT Security, East Carolina University


Information security tips1

Information Security Tips

  • Consider consequences of downloading data from the ECU administrative systems (Banner, Blackboard, Electronic Health Record (EHR), etc.

  • Do not download ECU sensitive data (e.g. financial, student, patient, legal, HR) to unencrypted local devices (desktop computer, laptop, flash drive, smartphone, web pages, CLOUD, etc.)

IT Security, East Carolina University


Information security tips2

Information Security Tips

  • Password protect your smartphone

  • Be cognizant that emails on a lost smartphone can be accessible to anyone who finds it

  • Report to the helpdesk lost or stolen smartphone containing ECU data (inclusive of email)

IT Security, East Carolina University


Information security tips3

Information Security Tips

  • Use Pirate Drive, or ITCS supported servers if you must download or store sensitive data

  • Ensure you are aware of the compliance requirements for protecting your data (e.g. PCI, UNC- FIT, GLBA, FERPA, HIPAA, Legal, etc.)

IT Security, East Carolina University


Information security tips4

Information Security Tips

  • Encrypt sensitive data (e.g. student, patient, legal, HR) in storage and transmission (via email, file transfer to other agencies, portable devices, etc.)

  • Physically secure both electronic and paper files

  • Do not store backup copies of sensitive information on unencrypted storage devices (e. g. flash drives, CDs, home PC, etc.)

IT Security, East Carolina University


Information security tips5

Information Security Tips

  • Limit the services or tasks performed on your computer that are used to enter or processed sensitive data (e.g. web surfing, downloading “free apps”, Facetime)

  • If working from home, store your data on Pirate Drive and access through the virtual private network (VPN)- (data in one secure location and backed up daily)

  • If you have a laptop or ECU issued computer to work from home, use it rather than the family computer

IT Security, East Carolina University


Information security tips6

Information Security Tips

  • Ensure all data are appropriately destroyed when no longer needed

  • Address non-compliance of others in your department

  • Encourage Awareness Training for all

IT Security, East Carolina University


Information security itcs

Information Security - ITCS

  • Updating Information Security Policies, Standards and Best Practices

  • Server Administrators’ Security Best Practices

  • Best Practices for Other Areas

  • Educational and Awareness Training Program

  • Exploring Information Security Subject Matter Experts (SME)

  • IT Staffing Plan to Address IT Purchase Review

IT Security, East Carolina University


Information security itcs1

Information Security - ITCS

  • Requiring Pin for Smartphone Outlook Access

  • Flagging Sensitive Data Transmitted External to ECU

  • Sensitive Data Scanner to find sensitive data

  • Mobile Device Management for Smartphone

  • Network Access Control for enhanced security

  • Log Management for audit logs

  • Internal Dropbox solution

IT Security, East Carolina University


Resources

Resources

  • ITCS www.ecu.edu/ITCS

  • IT Security www.ecu.edu/itsecurity

  • Pirate Drive www.ecu.edu/piratedrive

  • ITCS Helpdesk @ 252-328-9866

    • Assistance and Consultation

IT Security, East Carolina University


  • Login