Information Security

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Information Security"

Transcription

1 Information Security

2 Table of Contents Statement of Confidentiality and Responsibility... 2 Policy and Regulation... 2 Protect Our Information... 3 Protect Your Account... 4 To Change Your Password... 5 Secure Your Desktop... 6 Stay Safe Online... 6 Exercises... 8 Information Security - Introduction 1

3 Statement of Confidentiality and Responsibility I understand that this administrative office account is assigned to me at the request of the Department Head to be used only in connection with my assigned duties as an employee of the University and may be revoked without notice upon the request of this administrator. I understand and accept the following terms and conditions: I am aware that passwords are the first line of security on BANNER. I agree not to reveal my password nor allow anyone to use the account assigned to me. I am responsible for any changes made to the database under my user name. I agree to abide by the Family Education Rights and Privacy Act of 1974 (FERPA) regulations. Under this act, information about current and former MSU students is legally designated as private. I agree to refer all outside request for student information to the Office of the Registrar, unless I have been authorized by the Registrar to release pre-designated information. I must maintain the confidentiality of any and all data that I retrieve from BANNER in the course of my job duties, including data that I use for reporting purposes or in other software products. Access to administrative data will be determined by the requirements of my job, and therefore I am only authorized to retrieve this data on a need to know basis. I agree to comply with all institutional policies on security, computer access, confidentiality of data, data standards, and data integrity. I am aware that any violation of these policies may lead to the immediate suspension of my computer privileges. I understand that unauthorized release of sensitive or restricted information is a breach of data security and may be cause for disciplinary action, which could include dismissal. Policy and Regulation Policies are the foundation on which all standards and guidelines are based. It is the responsibility of all members of the University community to have an understanding of the security policies that are currently in place. Board of Regents (BOR) Policies The BOR has published several policies governing information technology for the Montana University System. These can be found in Section 1300 of the Board of Regents Policy and Procedures Manual available on the Web at: Information Security - Introduction 2

4 Montana State University Policies MSU continues to develop information technology related policies. The following policies exist to address the address the growing threat to information security: o Campus Network Policy o Network Connected Device Standards o Network Acceptable Use Policy (under development) The policies can be reviewed on the MSU Web site at: Many of the policies governing information technology practices have been developed in direct response to the government regulations that the University must abide by. These regulations help protect the privacy and integrity of personal information about University constituents. It is not only in our best interest to comply with these guidelines, it is also required by law. The University has published policies and guidelines to ensure compliance with the following regulations: Family Education Rights and Privacy Act (FERPA) - Addressing the privacy of student education records. o Protects the privacy of student educational records, requiring written permission in order to release information. - Contact the Registrar s office (x2601) if you ever have any questions about FERPA Gramm-Leach-Bliley (GLB) - Addressing the privacy of personal financial information. o Requires limits and controls on sharing financial information, allowing customers to restrict such activity. Protect Our Information As a user of the Banner system, you have access to sensitive information that is protected under these policies and regulations. This information should be considered a vital asset of the University and as such must be protected. There are several considerations that must be taken into account for each of the above regulations and policies in order to ensure compliance. The following points outline the areas normally addressed as a starting point for a secure, compliant environment: Documented practices and procedures System and network hardening Physical security Access control Data availability and integrity assurance On-going assessment and auditing Incident handling Information Security - Introduction 3

5 As an individual, you play a role in several of these areas including physical security, access control, and assurance of integrity of the data we seek to protect. Please take the time to review the Data Stewardship Guidelines which outline the appropriate ways to recognize and handle sensitive information: In general, recognizing sensitive information such as social security numbers, student grades, credit card information, or other personally identifiable information and handling this data appropriately is an integral part of your job. Be sure to remember that generated IDs (GIDs) are sensitive information. Take care when printing reports containing this information and be sure to use secure methods for any transmissions containing sensitive data. The IT Center manages Knox, a server that utilizes encryption to protect sensitive data such as student and employee records. Unlike other servers, Knox is centrally funded. For MSU employees, it is free for appropriate use. To request a Knox folder send an to Be sure to include a description of what you will be storing, who will be needing access, and what type of access will be needed by each individual (Read/Write or Read-Only.) You may also include a desired folder name. For employees who work remotely, secure connectivity is provided via the MSU virtual private network (VPN). You can find VPN instructions at: Most exposures of sensitive information occur simply because the individual handling them makes a mistake regarding where they put it, how they store it or where they send it. Remember to always think twice about doing anything with sensitive data, and if you ever have a question about what would constitute sensitive data, how to handle it or where to store it please don t hesitate to contact one of the references listed at the end of this section. Requesting Your Banner Account To request a new Banner account, or to request changes to an existing account, visit and click on the New Banner Account Request link. This will bring you to the request form. Fill out the information relevant to your request and then review and submit the form. Once your request has been completed you will receive notification. Protect Your Account Your Banner USERNAME has two primary functions: It determines your personal authority within the various modules (that is, your access to menus, forms and data elements required for query and maintenance activity). Information Security - Introduction 4

6 It is recorded as an electronic signature on each update transaction completed during your logon session. Because access within Banner forms is based on individual job responsibilities, it is important that only you use your personal electronic signature. To keep that USERNAME secure, when you first receive an assigned password for a Banner instance, use the password-change form described below to change the original assignment to a personal code that cannot be easily guessed by others. Use the password-change form whenever you feel your logon might have been compromised. In addition, it is good practice to change your password periodically (at least once every six (6) months). Consider the following when choosing a password to secure your electronic signature: Passwords must be a minimum of eight (8) characters long. Passwords must contain at least one letter of the alphabet, at least one number (but DO NOT use a number as the first character), and at least one special character listed below. Do not use a dictionary word or something that could be easily associated with you personally (for example, James Bond should not use IAM007). Consider using a pass phrase that will help you remember your password. For example: Bobcats are number one = B0bktzR_nmbr1! (note that the letter o is replaced with the number 0 ) Valid password characters are: All upper and lower case letters All numbers The following five special characters:! + - _ Once you have selected your new password, DO NOT SHARE IT WITH ANYONE. To Change Your Password 1. Access form GUAPSWD (or you can click the Change Password link on the right-hand side of the form you see when you open Banner). 2. Key your old password in the Oracle Password field, and click in the New Oracle Password field. 3. Choose a personal password based on the considerations outlined above 4. Key your new password in both the New Oracle Password and the Verify Password fields. 5. Click the Save button or press the F10 key. 6. Use your new password the next time you log on for a Banner session. Important note: If you forget your password, contact the Banner Security Administrator at Information Security - Introduction 5

7 Secure Your Desktop Remember to never store any sensitive information on your desktop. You can take several simple steps to ensure the security of your desktop. These include: keep your operating system up to date with current patches and releases run current anti-virus (McAfee) and anti-spyware software (such as Windows Defender) keep your applications up to date enable your personal firewall ensure that you have a password protected screen saver and that you manually lock your screen whenever you leave your area For assistance with any of these items, be sure to contact your Help Desk: Stay Safe Online Using common sense when browsing the Internet, handling , and instant messaging will go a long way to keeping your safe from most exploits but some malicious attacks can be difficult to detect if you don t know what to look for. While logged into Banner Self-Service be sure not to click any links that you receive through , instant messenger or a similar manner. Clicking the link could allow a hacker to execute commands through your account to either change information or receive sensitive data from Banner. Beware if you receive s requesting confirmation of financial account data or other personal information. These phishing scams can appear to be legitimate communications from various institutions (Citibank, ebay, PayPal, etc) but in fact are fraudulent attempts at gaining access to your private information. Legitimate entities will not send messages requesting that you enter personal information. When in doubt, delete the message and initiate the communication with the entity either by phone or by opening a new Web browser and entering the correct URL manually. In addition, use caution when downloading items from the Internet and visiting web sites. Spyware and Malware can not only affect the performance of your desktop but software such as keyloggers can reveal your passwords to others on the Internet. When communicating via , it is important to know that your communications are not secure and can be intercepted. Sensitive information should not be sent via messages or attachments. Information Security - Introduction 6

8 Resources Your Help Desk x1777 Banner Security Justin van Almelo Banner Security Associate x7464 Rich Shattuck Network Security Systems Analyst x7930 Brandon Hardin Web Security Analyst x3271 Adam Edelman Chief Security Officer x5091 Information Security - Introduction 7

9 Exercises 1. Under FERPA, the following activities are permissible: A. Releasing student grades over the telephone when the caller insists. B. Post a report listing student name, social security number, enrollment status, and GPA of all undergraduate students on the MSU Web site. C. Provide student transcripts to anyone without written consent from the student. D. None of the above. 2. When choosing a password, which of the following options describe the best approach? A. Using your dog s name. B. An 8 or more character mix of letters, numbers, and special characters, such as B1rDW!cH C. Any password less than 8 characters. D. Using your phone number. 3. On your Windows XP desktop, if a message pops up stating Updates are Ready for Your Computer. Click Here to Install, you should: A. Go home and take the rest of the week off. B. Ignore the message and continue working. C. Click the icon to install the updates as soon as possible. D. Post student information on the MSU Web site. 4. When storing reports containing sensitive information on your desktop, you should always be sure to: A. Include credit card numbers, social security numbers, student grades, other personally identifiable information. B. Leave your password written on a Post-It on your monitor in case anyone needs access to the information. C. Not tell anyone. D. None of the above. You should never store sensitive information on your desktop. answers: 1. D, 2. B, 3. C, 4. D Information Security - Introduction 8

Hang Seng HSBCnet Security. May 2016

Hang Seng HSBCnet Security. May 2016 Hang Seng HSBCnet Security May 2016 1 Security The Bank aims to provide you with a robust, reliable and secure online environment in which to do business. We seek to achieve this through the adoption of

More information

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange The responsibility of safeguarding your personal information starts with you. Your information is critical and it must be protected from unauthorised disclosure, modification or destruction. Here we are

More information

Cyber Security. Maintaining Your Identity on the Net

Cyber Security. Maintaining Your Identity on the Net Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD

More information

Remote Desktop Administration

Remote Desktop Administration Remote Desktop Administration What is it? Remote Desktop Administration allows a user with appropriate privileges to connect to his/her computer at Rice from another computer, similar to the way one may

More information

Auburn Montgomery. Registration and Security Policy for AUM Servers

Auburn Montgomery. Registration and Security Policy for AUM Servers Auburn Montgomery Title: Responsible Office: Registration and Security Policy for AUM Servers Information Technology Services I. PURPOSE To outline the steps required to register and maintain departmental

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Network and Workstation Acceptable Use Policy

Network and Workstation Acceptable Use Policy CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of

More information

Common Cyber Threats. Common cyber threats include:

Common Cyber Threats. Common cyber threats include: Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...

More information

Business ebanking Fraud Prevention Best Practices

Business ebanking Fraud Prevention Best Practices Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special

More information

Computer Security and Privacy

Computer Security and Privacy Computer Security and Privacy 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Guidelines for Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures

More information

Frequently Asked Questions (FAQ)

Frequently Asked Questions (FAQ) Your personal information and account security is important to us. This product employs a Secure Sign On process that includes layers of protection at time of product log in to mitigate risk, and thwart

More information

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization

More information

Reliance Bank Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.

More information

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004)

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004) Hamilton College Administrative Information Systems Security Policy and Procedures Approved by the IT Committee (December 2004) Table of Contents Summary... 3 Overview... 4 Definition of Administrative

More information

Central Texas College District Human Resource Management Operating Policies and Procedures Manual Policy No. 294: Computer Security Policy

Central Texas College District Human Resource Management Operating Policies and Procedures Manual Policy No. 294: Computer Security Policy Central Texas College District Human Resource Management Operating Policies and Procedures Manual Policy No. 294: Computer Security Policy I. PURPOSE To identify the requirements needed to comply with

More information

Franciscan University of Steubenville Information Security Policy

Franciscan University of Steubenville Information Security Policy Franciscan University of Steubenville Information Security Policy Scope This policy is intended for use by all personnel, contractors, and third parties assisting in the direct implementation, support,

More information

CITY OF BOULDER *** POLICIES AND PROCEDURES

CITY OF BOULDER *** POLICIES AND PROCEDURES CITY OF BOULDER *** POLICIES AND PROCEDURES CONNECTED PARTNER EFFECTIVE DATE: SECURITY POLICY LAST REVISED: 12/2006 CHRISS PUCCIO, CITY IT DIRECTOR CONNECTED PARTNER SECURITY POLICY PAGE 1 OF 9 Table of

More information

Safe Practices for Online Banking

Safe Practices for Online Banking November 2012 Follow these guidelines to help protect your information while banking online. At First Entertainment Credit Union, our goal is to provide you with the best all around banking experience.

More information

California State University, Sacramento INFORMATION SECURITY PROGRAM

California State University, Sacramento INFORMATION SECURITY PROGRAM California State University, Sacramento INFORMATION SECURITY PROGRAM 1 I. Preamble... 3 II. Scope... 3 III. Definitions... 4 IV. Roles and Responsibilities... 5 A. Vice President for Academic Affairs...

More information

Infocomm Sec rity is incomplete without U Be aware,

Infocomm Sec rity is incomplete without U Be aware, Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN

More information

UF IT Risk Assessment Standard

UF IT Risk Assessment Standard UF IT Risk Assessment Standard Authority This standard was enacted by the UF Senior Vice President for Administration and the UF Interim Chief Information Officer on July 10, 2008 [7]. It was approved

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms

More information

Security Awareness. ITS Security Training. Fall 2015

Security Awareness. ITS Security Training. Fall 2015 Security Awareness ITS Security Training Fall 2015 Why am I here? Isn t security an IT problem? Technology can address only a fraction of security risks. You are a primary target, or rather, your data

More information

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS $ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Information Security. Louis Morgan, CISSP Information Security Officer

Information Security. Louis Morgan, CISSP Information Security Officer Information Security By Louis Morgan, CISSP Information Security Officer Why Bother with IT Security? Recent estimate - 900 million personal computers worldwide. Computer hackers are out there. How long

More information

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans

More information

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background: 1. Do you implement virus controls and filtering on all systems? Anti-Virus anti-virus software packages look for patterns in files or memory that indicate the possible presence of a known virus. Anti-virus

More information

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users Table of Contents... 1 A. Accountability... 1 B. System Use Notification (Login Banner)... 1 C. Non-... 1 D. System Access... 2 E. User IDs... 2 F. Passwords... 2 G. Electronic Information... 3 H. Agency

More information

Security Tips You are here: Home» Security Tips

Security Tips You are here: Home» Security Tips Security Tips You are here: Home» Security Tips Click on a the Security Icon to view detailed information on: Responsibility of the Bank Password Policy Guide Online Security Internet Security Tips Scam

More information

Introduction to Computing @ WSU

Introduction to Computing @ WSU Introduction to Computing @ WSU Table of Contents 1 - Information Technology (IT) Security... 2 Information to Remember... 2 2 - Malware... 2 Information to Remember... 3 3 - Firewalls... 3 Information

More information

Chronic Disease Management

Chronic Disease Management RESOURCE AND PATIENT MANAGEMENT SYSTEM Chronic Disease Management (BCDM) Version 1.0 Office of Information Technology (OIT) Division of Information Resource Management Albuquerque, New Mexico Table of

More information

College of DuPage Information Technology. Information Security Plan

College of DuPage Information Technology. Information Security Plan College of DuPage Information Technology Information Security Plan April, 2015 TABLE OF CONTENTS Purpose... 3 Information Security Plan (ISP) Coordinator(s)... 4 Identify and assess risks to covered data

More information

NATIONAL CREDIT UNION ADMINISTRATION CREDIT UNION ONLINE: CREDIT UNION PROFILE AND 5300 CALL REPORT

NATIONAL CREDIT UNION ADMINISTRATION CREDIT UNION ONLINE: CREDIT UNION PROFILE AND 5300 CALL REPORT NATIONAL CREDIT UNION ADMINISTRATION CREDIT UNION ONLINE: CREDIT UNION PROFILE AND 5300 CALL REPORT INSTRUCTION GUIDE For Natural Person Credit Unions NCUA 10200 (REV 4) Table of Contents A. Introduction...

More information

Remote Deposit Quick Start Guide

Remote Deposit Quick Start Guide Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you

More information

HIPAA Compliance Evaluation Report

HIPAA Compliance Evaluation Report Jun29,2016 HIPAA Compliance Evaluation Report Custom HIPAA Risk Evaluation provided for: OF Date of Report 10/13/2014 Findings Each section of the pie chart represents the HIPAA compliance risk determinations

More information

An Introduction on How to Better Protect Your Computer and Sensitive Data

An Introduction on How to Better Protect Your Computer and Sensitive Data An Introduction on How to Better Protect Your Computer and Sensitive Data Common Security Problems Computer users who fail to use strong passwords Constant attacks by viruses, worms, key loggers and bots

More information

Keeping Windows 8.1 safe and secure

Keeping Windows 8.1 safe and secure Keeping Windows 8.1 safe and secure 14 IN THIS CHAPTER, YOU WILL LEARN HOW TO Work with the User Account Control. Use Windows Firewall. Use Windows Defender. Enhance the security of your passwords. Security

More information

Boston University Security Awareness. What you need to know to keep information safe and secure

Boston University Security Awareness. What you need to know to keep information safe and secure What you need to know to keep information safe and secure Introduction Welcome to Boston University s Security Awareness training. Depending on your reading speed, this presentation will take approximately

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness William F. Pelgrin Chair Page 1 Introduction Information is a critical asset. Therefore, it must be protected from unauthorized modification, destruction and disclosure. This brochure

More information

Secure Mail Registration and Viewing Procedures

Secure Mail Registration and Viewing Procedures Secure Mail Registration and Viewing Procedures May 2011 For External Secure Mail Recipients Contents This document provides a brief, end user oriented overview of the Associated Banc Corp s Secure Email

More information

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for

More information

Business Online Information Security

Business Online Information Security Business Online Information Security pic Reducing your risk and ensuring your information is secure Due to the nature of the transactions you perform using the Business Online service, it is important

More information

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know

More information

Data Management Policies. Sage ERP Online

Data Management Policies. Sage ERP Online Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...

More information

Preparing Your Personal Computer to Connect to the VPN

Preparing Your Personal Computer to Connect to the VPN Preparing Your Personal Computer to Connect to the VPN (Protecting Your Personal Computer Running Windows) Using the VPN to connect your computer to the campus network is the same as bringing your computer

More information

Deter, Detect, Defend

Deter, Detect, Defend Deter, Detect, Defend Deter Never provide personal information, including social security number, account numbers or passwords over the phone or Internet if you did not initiate the contact Never click

More information

Multi-Factor Authentication (FMA) A new security feature for Home Banking. Frequently Asked Questions 8/17/2006

Multi-Factor Authentication (FMA) A new security feature for Home Banking. Frequently Asked Questions 8/17/2006 Multi-Factor Authentication (FMA) A new security feature for Home Banking Frequently Asked Questions 8/17/2006 1. Why is MFA being added? We take our obligation to protect our members seriously. To make

More information

Introduction. PCI DSS Overview

Introduction. PCI DSS Overview Introduction Manage Engine Desktop Central is part of ManageEngine family that represents entire IT infrastructure with products such as Network monitoring, Helpdesk management, Application management,

More information

Enhanced Security for Online Banking

Enhanced Security for Online Banking Enhanced Security for Online Banking MidSouth Bank is focused on protecting your personal and account information at all times. As instances of internet fraud increase, it is no longer sufficient to use

More information

COLORADO DEPARTMENT OF LABOR AND EMPLOYMENT STANDARD POLICY AND PROCEDURE. Remote Access and Security I. PURPOSE.2 II. BACKGROUND.

COLORADO DEPARTMENT OF LABOR AND EMPLOYMENT STANDARD POLICY AND PROCEDURE. Remote Access and Security I. PURPOSE.2 II. BACKGROUND. COLORADO DEPARTMENT OF LABOR AND EMPLOYMENT STANDARD POLICY AND PROCEDURE S T A N D A R D P O L I C Y A N D P R O C E D U R E COLORADO DEPARTMENT OF LABOR AND EMPLOYMENT 1515 Arapahoe Street Denver Colorado

More information

Windows Operating Systems. Basic Security

Windows Operating Systems. Basic Security Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System

More information

3 day Workshop on Cyber Security & Ethical Hacking

3 day Workshop on Cyber Security & Ethical Hacking 3 day Workshop on Cyber Security & Ethical Hacking 1 st day-highlights-hands On Phishing Attack Hammad Mashkoor Lari Freelancer What is Cyber Security? What is Ethical hacking? What is Computer Science?

More information

BSHSI Security Awareness Training

BSHSI Security Awareness Training BSHSI Security Awareness Training Originally developed by the Greater New York Hospital Association Edited by the BSHSI Education Team Modified by HSO Security 7/1/2008 1 What is Security? A requirement

More information

Countermeasures against Spyware

Countermeasures against Spyware (2) Countermeasures against Spyware Are you sure your computer is not infected with Spyware? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Spyware?

More information

BERKELEY COLLEGE DATA SECURITY POLICY

BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY TABLE OF CONTENTS Chapter Title Page 1 Introduction 1 2 Definitions 2 3 General Roles and Responsibilities 4 4 Sensitive Data

More information

Student Access Reference Guide

Student Access Reference Guide Student Access Reference Guide Table of Contents Student Access Overview... 2 Logging on to the Student Portal... 3 Password Security Question Setup... 4 Need Help Signing In... 6 Navigating the Student

More information

Information Security Operational Procedures

Information Security Operational Procedures College Of Coastal Georgia Information Security Operational Procedures Banner Student Information System Security Policy INTRODUCTION This document provides a general framework of the policy utilized by

More information

MSI Secure Mail Tutorial. Table of Contents

MSI Secure Mail Tutorial. Table of Contents Posted 1/12/12 Table of Contents 1 - INTRODUCTION... 1-1 INTRODUCTION... 1-1 Summary... 1-1 Why Secure Mail?... 1-1 Which Emails Must Be Encrypted?... 1-2 Receiving Email from MSI... 1-2 Sending Email

More information

Welcome Guide for MP-1 Token for Microsoft Windows

Welcome Guide for MP-1 Token for Microsoft Windows Welcome Guide for MP-1 Token for Microsoft Windows Protecting Your On-line Identity Authentication Service Delivery Made EASY Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made

More information

Remote Access: Internet Explorer

Remote Access: Internet Explorer Introduction: Welcome to the MSVU Remote Access service. The following documentation is intended to assist first time or active users with connecting, authenticating and properly logging out of Remote

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

Cyber Security. Securing Your Mobile and Online Banking Transactions

Cyber Security. Securing Your Mobile and Online Banking Transactions Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet

More information

Background Information

Background Information User Guide 1 Background Information ********************************Disclaimer******************************************** This is a government system intended for official use only. Using this system

More information

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3 Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use

More information

Working Practices for Protecting Electronic Information

Working Practices for Protecting Electronic Information Information Security Framework Working Practices for Protecting Electronic Information 1. Purpose The following pages provide more information about the minimum working practices which seek to ensure that

More information

Computer Network and Internet Security Awareness and Responsible Use. Indian River County School District 2014-2015

Computer Network and Internet Security Awareness and Responsible Use. Indian River County School District 2014-2015 Computer Network and Internet Security Awareness and Responsible Use Indian River County School District 2014-2015 1 Through the availability of electronic resources provided by the School District of

More information

Procedure Title: TennDent HIPAA Security Awareness and Training

Procedure Title: TennDent HIPAA Security Awareness and Training Procedure Title: TennDent HIPAA Security Awareness and Training Number: TD-QMP-P-7011 Subject: Security Awareness and Training Primary Department: TennDent Effective Date of Procedure: 9/23/2011 Secondary

More information

Responsible Access and Use of Information Technology Resources and Services Policy

Responsible Access and Use of Information Technology Resources and Services Policy Responsible Access and Use of Information Technology Resources and Services Policy Functional Area: Information Technology Services (IT Services) Applies To: All users and service providers of Armstrong

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information

ICT USER ACCOUNT MANAGEMENT POLICY

ICT USER ACCOUNT MANAGEMENT POLICY ICT USER ACCOUNT MANAGEMENT POLICY Version Control Version Date Author(s) Details 1.1 23/03/2015 Yaw New Policy ICT User Account Management Policy 2 Contents 1. Preamble... 4 2. Terms and definitions...

More information

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience IDENTITY & ACCESS Privileged Identity Management controlling access without compromising convenience Introduction According to a recent Ponemon Institute study, mistakes made by people Privilege abuse

More information

Payment Fraud and Risk Management

Payment Fraud and Risk Management Payment Fraud and Risk Management Act Today! 1. Help protect your computer against viruses and spyware by using anti-virus and anti-spyware software and automatic updates. Scan your computer regularly

More information

Guideline for Prevention of Spyware and other Potentially Unwanted Software

Guideline for Prevention of Spyware and other Potentially Unwanted Software Guideline for Prevention of Spyware and other Potentially Unwanted Software Introduction Most users are aware of the impact of virus/worm and therefore they have taken measures to protect their computers,

More information

Customer Awareness for Security and Fraud Prevention

Customer Awareness for Security and Fraud Prevention Customer Awareness for Security and Fraud Prevention Identity theft continues to be a growing problem in our society today. All consumers must manage their personal information wisely and cautiously to

More information

Cloud Services MDM. ios User Guide

Cloud Services MDM. ios User Guide Cloud Services MDM ios User Guide 10/24/2014 CONTENTS Overview... 3 Supported Devices... 3 System Capabilities... 3 Enrollment and Activation... 4 Download the Agent... 4 Enroll Your Device Using the Agent...

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

PCI Data Security Standards (DSS)

PCI Data Security Standards (DSS) ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants

More information

Identity Theft Prevention Program Compliance Model

Identity Theft Prevention Program Compliance Model September 29, 2008 State Rural Water Association Identity Theft Prevention Program Compliance Model Contact your State Rural Water Association www.nrwa.org Ed Thomas, Senior Environmental Engineer All

More information

Sample Policies for Internet Use, Email and Computer Screensavers

Sample Policies for Internet Use, Email and Computer Screensavers Sample Policies for Internet Use, Email and Computer Screensavers In many of its financial management reviews, the Technical Assistance Section has encouraged municipalities to develop and adopt policies

More information

Welcome Guide. SafeNet Authentication Service. MP-1 Token for Mac OS X. SafeNet Authentication Service: Welcome Guide. MP-1 Token for Mac OS X

Welcome Guide. SafeNet Authentication Service. MP-1 Token for Mac OS X. SafeNet Authentication Service: Welcome Guide. MP-1 Token for Mac OS X SafeNet Authentication Service Welcome Guide 1 Document Information Document Part Number 007-012414-002, Rev. B Release Date February 2015 Trademarks All intellectual property is protected by copyright.

More information

e-prescribing Productions

e-prescribing Productions RESOURCE AND PATIENT MANAGEMENT SYSTEM e-prescribing Productions (BEPR) Version 2.0 Office of Information Technology Division of Information Resource Management Albuquerque, New Mexico Table of Contents

More information

USING THE LEWIS UNIVERSITY VPN

USING THE LEWIS UNIVERSITY VPN USING THE LEWIS UNIVERSITY VPN This document will explain how to connect to and use the Lewis University Virtual Private Network (VPN). LOGGING INTO THE VPN: 1. Launch Internet Explorer by double clicking

More information

Rules of the Road for Users of Smithsonian Computers and Networks

Rules of the Road for Users of Smithsonian Computers and Networks Rules of the Road for Users of Smithsonian Computers and Networks Introduction Smithsonian systems, networks and other computer resources are shared among Smithsonian employees, interns, visiting scholars,

More information

Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement

Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement Rocklin Unified School District Employee Authorized Network, Internet Usage, and E-Mail Privacy Agreement Please read this document carefully before signing: A. Upon employment all individuals permitted

More information

EA USA Online Data Protection Suite. Frequently Asked Questions

EA USA Online Data Protection Suite. Frequently Asked Questions EA USA Online Data Protection Suite Frequently Asked Questions TABLE OF CONTENTS EA USA ONLINE DATA PROTECTION SUITE ABOUT THE ONLINE DATA PROTECTION SUITE... 3 What is included in the Online Data Protection

More information

10 Quick Tips to Mobile Security

10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22

More information

PREVENTING HIGH-TECH IDENTITY THEFT

PREVENTING HIGH-TECH IDENTITY THEFT 1 PREVENTING HIGH-TECH IDENTITY THEFT Presented by The Monument Group Companies Featured speaker: David Floyd November 19, 2014 2 Introduction Preventing Identity Theft (this session) Monitoring for Theft

More information

Information Security: A Perspective for Higher Education

Information Security: A Perspective for Higher Education Information Security: A Perspective for Higher Education A By Introduction On a well-known hacker website, individuals charged students $2,100 to hack into university and college computers for the purpose

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

Research Information Security Guideline

Research Information Security Guideline Research Information Security Guideline Introduction This document provides general information security guidelines when working with research data. The items in this guideline are divided into two different

More information

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against

More information

Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION

Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION Title: Data Security Policy Code: 1-100-200 Date: 11-6-08rev Approved: WPL INTRODUCTION The purpose of this policy is to outline essential roles and responsibilities within the University community for

More information

HIPAA Training Part III. Health Insurance Portability and Accountability Act

HIPAA Training Part III. Health Insurance Portability and Accountability Act HIPAA Training Part III Health Insurance Portability and Accountability Act POLICIES & PROCEDURES Goals Learn simple ways to protect information. Learn how to continually give training. Learn how to continually

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

CYBERSECURITY POLICY

CYBERSECURITY POLICY * CYBERSECURITY POLICY THE CYBERSECURITY POLICY DEFINES THE DUTIES EMPLOYEES AND CONTRACTORS OF CU*ANSWERS MUST FULFILL IN SECURING SENSITIVE INFORMATION. THE CYBERSECURITY POLICY IS PART OF AND INCORPORATED

More information

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005 Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department

More information

DHHS Information Technology (IT) Access Control Standard

DHHS Information Technology (IT) Access Control Standard DHHS Information Technology (IT) Access Control Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-B 1.0 Purpose and Objectives With the diversity of

More information

Basic Setup Guide. Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition

Basic Setup Guide. Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition Basic Setup Guide Remote Administrator 4 NOD32 Antivirus 4 Business Edition Smart Security 4 Business Edition Contents Getting started...1 Software components...1 Section 1: Purchasing and downloading

More information

Trauma/Recon Sales. Step by step guide to using the Smith & Nephew User Gateway (SNUG) Global Remote Access

Trauma/Recon Sales. Step by step guide to using the Smith & Nephew User Gateway (SNUG) Global Remote Access Trauma/Recon Sales Step by step guide to using the Smith & Nephew User Gateway (SNUG) Global Remote Access Table of Contents Introduction...1 How Do I Get Access to SNUG?...1 Getting Started...1 Logging

More information