The document discusses protecting sensitive information at Western Carolina University. It defines sensitive information and lists several federal and state laws requiring compliance, including HIPAA, GBLA, FERPA, and NC ITPA. Common threats like phishing, hacking, malware, and physical access are described. Proper security practices like encrypted storage, password protection, and cleaning desks are recommended to prevent data breaches, which can result in penalties for the university.
Personal Identity theft has been increasing at an alarming rate. Millions have been affected by ID Theft and millions more will be. What can we do at WCU to help prevent the compromise of sensitive data? IT Security has begun a campaign to bring security awareness to the university's workforce, stressing the importance of using good computer and worksite security practices. In this presentation We’ll talk about some of the simple, yet very important things each of us can do work more securely.
Personal Identity theft has been increasing at an alarming rate. Millions have been affected by ID Theft and millions more will be. What can we do at WCU to help prevent the compromise of sensitive data? IT Security has begun a campaign to bring security awareness to the university's workforce, stressing the importance of using good computer and worksite security practices. In this presentation We’ll talk about some of the simple, yet very important things each of us can do work more securely.
HIPAA --establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. GBLA- The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions. FERPA -The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education
Downloading Malware onto a university workstation which connects to our databases could compromise the security of the system. Users who are not qualified to administer the system Security patches not applied Improper settings on system, database
Downloading Malware onto a university workstation which connects to our databases could compromise the security of the system. Users who are not qualified to administer the system Security patches not applied Improper settings on system, database
Types of Malware: Viruses • Spyware • Keyloggers • Backdoors
Types of Malware: Viruses • Spyware • Keyloggers • Backdoors