1 / 54

Information Security Decision- Making Tool

Determine how to protect your data appropriately by answering a series of questions about the type of data you have and how you work with it. Make informed decisions to safeguard your information.

reginaw
Download Presentation

Information Security Decision- Making Tool

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making tool 1

  2. Choose the menu option which best describes how you are working with LSE Information. You may use this several times for different aspects of your work Research Exam information HR or other confidential records Financial records Other types of work with LSE information Information Security decision making tool 2

  3. Do you keep HR records on other people or yourself? Including our own career development review or documents No Yes Information Security decision making tool 3

  4. This information is confidential Continue to find out more… Continue Information Security decision making tool 4

  5. Do you keep sensitive information on individuals? Excluding contact details for colleagues that is freely given No Yes Information Security decision making tool 5

  6. Do you keep sensitive information on exams? Including papers, results, discussions about questions or candidates Yes No Information Security decision making tool 6

  7. Do you keep financial records? Excluding published company accounts that are in the public domain No Yes Information Security decision making tool 7

  8. Is the information held on paper? No Yes Information Security decision making tool 8

  9. Keep it in a lockable cabinet Continue to find out more… Continue Information Security decision making tool 9

  10. Do you protect electronic information with MS Office passwords? No Yes Information Security decision making tool 10

  11. Your information is not secure enough with this alone. Continue to find out more… Continue Information Security decision making tool 11

  12. Do you keep it on H space or a shared drive with appropriate folder permissions? Don’t Know Yes No Information Security decision making tool 12

  13. Good Click here for more information Continue to finish this session or Home to go back to the beginning Continue Information Security decision making tool 13

  14. Do you protect it with file encryption? No Yes Information Security decision making tool 14

  15. Good Click here for more information Continue to finish this session or Home to go back to the beginning Continue Information Security decision making tool 15

  16. Where do you keep the electronic data and reports you work on? On H space or a shared drive or SharePoint only? No Yes Information Security decision making tool 16

  17. Where do you keep the electronic data and reports you work on? On Local drive, Laptop, tablet, smart phone or other device? No Yes Information Security decision making tool 17

  18. Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more… Continue Information Security decision making tool 18

  19. Your information is at risk. If you can share it with your team put it on a shared drive to keep it secure and check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information If your info cannot be shared email IMT for advice now Continue to finish this session or Home to go back to the beginning Continue Information Security decision making tool 19

  20. Do you use a database or spreadsheet to record information? No Yes Information Security decision making tool 20

  21. Do you ever work away from your desk? No Yes Information Security decision making tool 21

  22. Where do you keep the files you access remotely? No Yes On H space or shared drive or SharePoint only? Information Security decision making tool 22

  23. Using these drives should keep your information secure but check folder and file permissions to make sure the ‘need to know’ principle is applied. Click here for more information Information on shared drives is backed-up at least once a day. Continue to find out more… Continue Information Security decision making tool 23

  24. Where do you keep the files you access remotely? Dropbox, Google Docs, One Drive or other cloud based storage? No Yes Information Security decision making tool 24

  25. Where do you keep the files you access remotely? Memory stick, CD, DVD, Floppy disk or other storage media? No Yes Information Security decision making tool 25

  26. Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMT for advice now. Continue to find out more… Continue Information Security decision making tool 26

  27. Your information could be at risk. Click here for more information If you can share it with your team put it on a shared drive to keep it secure. If your info cannot be shared, email IMT for advice now. Continue to finish this session or Home to go back to the beginning Continue Information Security decision making tool 27

  28. Is your data sensitive or confidential? No Yes Information Security decision making tool 28

  29. Have you signed a funding contract? No Yes Information Security decision making tool 29

  30. Is the LSE the project lead? Yes No Information Security decision making tool 30

  31. Follow the project lead’s guidelines on securing information. Click Finish If you need advice to comply with guidelines, email IMT or the Data Librarian. Click Finish If no guidelines are available Continue to find out more… Finish Continue Information Security decision making tool 31

  32. Does your research contract specify information security requirements? No Yes Information Security decision making tool 32

  33. Can you meet the security requirements? Don’t Know No Yes Information Security decision making tool 33

  34. Comply with the contract. Continue to find out more… Continue Information Security decision making tool 34

  35. Email IMT or the Data Librarian for advice. Continue to finish this session or Home to go back to the beginning Continue Information Security decision making tool 35

  36. Do/will you keep sensitive personal data? Examples: racial/ethnic origin, political opinion, religious beliefs, trade union membership, physical/mental health condition, sexual life, criminal records No Yes Information Security decision making tool 36

  37. Do/will you keep personal financial data/reports on financially sensitive subjects Examples: bank and salary details Yes No Information Security decision making tool 37

  38. Do you keep sensitive information on individuals? Examples: interview transcripts, databases of individual information No Yes Information Security decision making tool 38

  39. Do you need to share data with academic partners? Yes No Information Security decision making tool 39

  40. Do you use SharePoint? No Yes Information Security decision making tool 40

  41. Have you or the site owner received SharePoint training? No Yes Information Security decision making tool 41

  42. Check that the permissions on your site are accurate and that all data is appropriate For more information click here Continue to find out more… Continue Information Security decision making tool 42

  43. Contact IMT now for appropriate training options Continue to find out more… Continue Information Security decision making tool 43

  44. Email IMT for advice now. Continue to find out more… Continue Information Security decision making tool 44

  45. Are you in the end-of-project phase? No Yes Information Security decision making tool 45

  46. Email the Data Librarian for advice. Continue to find out more… Continue Information Security decision making tool 46

  47. Is the information held on paper? No Yes Information Security decision making tool 47

  48. Keep it in a lockable cabinet. Continue to find out more… Continue Information Security decision making tool 48

  49. Thank you for completing the Information Security decision- making tool. Email IMT if you have any further queries or concerns or if there is anything else you think we should include in this tool. Finish Information Security decision making tool 49

  50. Access control systems are in place to protect the interests of all authorised users of LSE IT systems by providing a safe, secure and accessible environment in which to work. Access rights will be accorded following the principles of least privilege and need to know. Access to LSE IT resources and services will be given through the provision of a unique user account and complex password. For further reading, click this link. http://www.lse.ac.uk/intranet/LSEServices/policies/pdfs/school/acc ConPol.pdf Continue Information Security decision making tool 50

More Related