
Information Security Guide

Apr 10, 2018


sandyjbs
  • 8/8/2019 Information Security Guide

    1/18

    Information Security Guide

    Meenu Jain (09609083)

    Sonal Bora (06502923)

    Pankaj Kumar Singh (09609036)

    9/28/2010 Information Security Guide 1


    Introduction

    Information Security Guide by Case Western research University.

    To protect information resources.

    To make sure information systems are not used in a way that damages the university, students, or its employees.

    Information Security is a Collective Responsibility.

    Helps safeguard against situations that could inadvertently disclose university & student information.


    Handling Sensitive Information

    Safeguard sensitive information from damage, loss, misuse, or unauthorized disclosure.

    Lock or log off computers when away from your desk.

    Use a password-protected screensaver.

    Keep sensitive files from inadvertent disclosure by ensuring they are not on freely accessible servers.


    Human Capital Management

    Enables easily accessing payroll and benefits data and securely managing personal and banking tasks.

    Do not share your network password with anyone.

    Do not enable automatic login.

    Be sure to log out each time you visit the HCM website.

    Avoid using your ID and password combination for other personal accounts.


    FERPA & HIPAA

    FERPA protects the privacy of student education records.

    Information is to be stored and transmitted using practices for sensitive information.

    Access to data is restricted to individuals who need this information for legitimate educational purposes.

    HIPAA mandates the protection and privacy of patient health information.

    Ensure that patient data is safeguarded against potential hacking and unauthorized access.


    Passwords

    Keep your Network ID, Passwords, and PINs Confidential.

    Don't use anything that can be easily guessed.

    Strong passwords should be at least 12 alphanumeric characters in length.

    Passwords should be changed often.

    Passwords should not be shared, posted, written down, or recycled.

    Passwords should be unique.


    E-mail and Instant Messaging

    E-mail and IM are not risk free.

    Be cautious about what you send.

    Be wary about the actual source of received e-mails.

    Set up spam and junk mail filtering to reduce your mail volume and risk.

    Do not open an attachment that seems odd or out of context.

    Always check the To: distribution line before sending a message.


    Computer Virus & Spam Protection

    Electronic viruses are rampant. Protect yourself.

    Make sure that you understand the source and purpose of any attachment before opening it.

    Make sure that your computers are always running current anti-virus software.

    Sign up for automatic online live updates to ensure up-to-date protection.

    Consider using a separate e-mail address for some public activities.

    Never buy anything advertised in spam.


    Internet

    Be aware of Internet risks.

    Pay attention to security warnings.

    Don't assume that information found on the Internet is necessarily accurate or up to date.

    Make sure that all materials you download comply with all applicable laws, copyright restrictions, and Case policies.


    Public Wireless Hotspots and Spyware

    Wireless networking requires vigilance.

    Use a VPN (Virtual Private Network) encrypted connection when you access proprietary information wirelessly.

    Protect yourself from spyware intrusions.

    Use an anti-spyware product from a trusted vendor.

    Use a personal firewall product and keep it updated.


    Phishing

    Protect yourself from identity theft.

    Legitimate organizations NEVER request personal information in such a way.

    A phishing e-mail is seldom addressed to you directly.

    A phishing webpage will look authentic.

    Phishing is rooted in information and identity theft, which permits online theft of millions of dollars.


    Anti-Hacker Checklist

    Never divulge information to strangers.

    Hackers often obtain confidential information by contacting employees who unintentionally respond.

    Verify the identity of callers requesting information.

    Refer all inquiries on information about yourself/employees to HR.

    Never discuss Case's computer hardware, software, etc., unless the person is known or can verify his/her identity and need to know.

    Never respond to online inquiries about banking, credit card or other personal information.

    Never give out your password to anyone under any circumstances.

    Be wary of phishing techniques.


    Software Piracy and Copyright

    Use only licensed software.

    The University provides many software programs and packages, generally at no cost to its faculty, staff and students.

    Do not install any unauthorized software on your PC.

    If a specific software package is required that is not available from Chase Software Center, contact the business manager/Help Desk.

    Do not create unauthorized copies of vendor software.

    Voice Mail

    Ensure voice mail confidentiality.

    Select passwords having at least 4 characters (8 characters are recommended).

    Do not tell anyone else your password and avoid writing your password down.

    Change your password periodically.

    Change your password immediately if you think that someone else knows it.


    Removable Media

    These powerful tools can be full of important and proprietary information.

    Removable media such as diskettes, CDs, USB drives and other media often contain important information and should be secured.

    Lock up removable media when not in use.

    Do not place removable media near magnets/magnetic devices.

    Properly label diskettes and other removable media.

    Do not dispose of a disk without ensuring the destruction of information.

    Be sure to inventory the contents of media on a regular basis.


    Theft Deterrents

    Protect your electronic equipment from theft.

    Restrict physical access of machines to trusted and authorized individuals.

    Never leave a laptop unattended and make sure it is secured with a cable lock or locked into docking station, or in a drawer.

    Protect your home PC

    A five-step proactive security approach.

    Step 1: Set Security Configurations.

    Step 2: Use an Internet Firewall.

    Step 3: Update Computer.

    Step 4: Use Up-to-Date Antivirus Software.

    Step 5: Secure Home Wireless Network.


    Conclusion

    Human Capital Management

    FERPA - A federal law

    HIPAA - Security rule

    Threats to Information Security

    Passwords

    E-mail and Instant Messaging

    Computer Viruses

    Spam Protection

    Internet

    Phishing

    Public Wireless Hotspots

    Spyware

    Identity Theft

    Software Piracy & Copyright

    Removable Media

    Mobile Devices


    Information Security: A Collective Responsibility


    Thank You

    Any Questions?

    Meenu Jain (09609083)

    Sonal Bora (06502923)

    Pankaj Kumar Singh (09609036)
