1 / 9

Was That a Data Breach?

Was That a Data Breach?. KDE Employee Training. What IS a Data Breach?. Unauthorized release (loss or theft) of Sensitive or Confidential Data, such as PII, PHI, etc. On site or in the cloud; doesn’t matter Breach can take many different forms Illegal Access Lost, stolen equipment

rafael-day
Download Presentation

Was That a Data Breach?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Was That a Data Breach? KDE Employee Training

  2. What IS a Data Breach? • Unauthorized release (loss or theft) of Sensitive or Confidential Data, such as PII, PHI, etc. • On site or in the cloud; doesn’t matter • Breach can take many different forms • Illegal Access • Lost, stolen equipment • Negligence leading to opportunity • Failure of the system or policy • What if nobody saw the data?

  3. Breaches Over Time (uh-oh) Chart from Datalossdb.org

  4. What are Sensitive Data? • Sensitive Data Can Take Many Forms • Social Security Numbers • Credit card numbers, • Health records • Network information such as IP addresses and server names • See the other video in this series for more on this topic

  5. Why Would Data be Stolen? • For LOTS of Different Reasons, Depending on the Industry • When Data are Stolen from Educational Institutions, it’s Usually: • To make fraudulent purchases • To get loans or credit • To create whole new identities

  6. Are There Breach Laws? • There is No National Data Breach Law • But… • Nearly every state, including Kentucky, has its own laws • Kentucky House Bills 5 and 232 were approved in 2014 • The Family Education Rights Privacy Act (FERPA) doesn’t really help

  7. How Can I Prevent a Breach? • Don’t Download Sensitive and Confidential Information • Identify what PII You do Have • Clean House! • Get rid of any PII you don’t need to keep • Protect all the PII you Must Keep: • Secure your devices with PINS and Passwords • Encrypt • Use Strong Account Passwords • Working Offsite can Increase Risk • Keep track of your stuff • Protect your stuff • Use the VPN

  8. What Should I Do? • If you believe you have a breach on your hands, Contact, if possible and in this order • The KETS Service Desk (they will start the ball rolling) • Your direct supervisor • Don’t delete anything, BUT • Secure the data as soon as possible

  9. Final Thought Do unto others’ data as you would have done to your own!

More Related