Information Security Training
Storing Sensitive Data
(Courtesy of ISO, University of Tennessee)
To watch the video, click on the icon below that
matches your media player. If you don't have a player,
go to our
download page. If you need a video with
text captions, please visit our
text-captioned page. |
|
Storing Sensitive Data and Information
Protecting ones personal information is everybody’s business.
Identity theft is a serious problem and must be taken seriously.
For those who have experienced having their identity taken from
them, it is an excruciating experience and it affects more than
just the person whose identity is stolen. It can also affect a
spouse or family as well.
Because of technology, the world is a different place. Today,
criminals no longer have to break a window or pick a lock in
order to get into ones home or business. Technology provides an
easier avenue to enter using the Internet to obtain personal
information that one thought was safe. Many of these criminals
are thousands of miles away in a small town or big city.
The first thing a hacker will do is break into your computer
and steal your private information. You should make it as
difficult as possible for anyone to obtain this information.
Some ways to protect you, your family, and friends from this
unseen predator:
- Make sure all your PCs and computer accounts have a
strong password
- Make sure your computer is patched to include the
operating system and all applications
- Practice smart Internet habits when doing online
financial transactions. Be selective of the sites you visit
and check security level of web pages that require you to
enter personal information.
- Before entering any personal information on a web site,
make sure that the communications is encrypted. To verify
this, look at the browser window at the bottom of the screen
for an object that looks like a lock. If the lock is locked,
the transmission is encrypted.
- Check the address line in the browser window for an
address that starts with https://. This is another
indication that the transmission is secure.
- Avoid copying or downloading sensitive data from
University administrative systems to your PC, Web server,
Pocket PC, Notebook PC, etc. unless absolutely required for
your job.
- Avoid creating databases or applications that use SSN as
identifiers. Utilize or means of ID such as the Towson U ID
number.
- Do not send un-encrypted sensitive data via e-mail.
E-mail messages can be intercepted by third parties or
mistakenly sent to the wrong address.
- Protect printed sensitive data. Store sensitive data in
a locked container. Don’t leave unattended sensitive data on
a copier, fax or printer. Shred sensitive data needs to be
disposed of.
- Avoid social engineers who try to get you to share
sensitive information on the phone or by other means.
- Any computer must be sanitized in accordance with OTS or
local policy before disposal or transference of ownership to
an outside organization.
What more?
If you need further assistance, email
infosec@towson.edu for
help.
Information Security Office
Office of Technology Services
Cook Library, 4
Hours: Monday - Friday, 8:30 a.m. to 4:00 p.m.
E-mail: infosec@towson.edu
Administration and Finance Questions
|
