Post on 17-Jan-2016
description
J. Rick MihalevichDean of Information Technology
Linn State Technical Collegerick.mihalevich@linnstate.edu
573.897.5129June 18, 2009
Provide awareness of the need Provide awareness of the major laws that
impact public entities Provide information on best practices,
technology, and trends Provide resources for further information
Open Accessible Transparent Accountable
LSTC currently utilizes XXXXXX to provide data XXXXXX processes which impacts approximately XXXXXX blocked attacks daily.
XXXXXXX manages a XXXX XXXX router at the gateway
LSTC utilizes XXXXXX Firewall The DMZ is attached to a XXXXXXX appliance. All packets are inspected by XXXXXX and XXXX
security software is used to protect against XXXXXX attacks.
2006 26.5 million veterans was compromised when a laptop was stolen
2007 Inspector General for Tax Administration found 490 laptops containing sensitive taxpayer data had been lost or stolen
2006 Employee information at the department of agriculture was compromised by unauthorized access
Examples of Compromised Data
FERPA: Family educational rights and privacy act
HIPAA: Health insurance portability and accountability act
GLB: Gramm-Leach-Bliley Act The Privacy Act E-government Act FISMA: The Federal Information Security
Management act
Conclusion #1: LSTC Infrastructure◦ Security by Obscurity
Conclusion #2: Examples of Compromised Data◦ Employees may pose the greatest risk
Conclusion #3: Public Laws◦ Balance between openness and security
Public Trust Restricting access, in the name of security is no vise
Pass Phrase Thumb drive encryption Encryption of laptops Virtual Private Networks (VPN’s) Touchpad security Effective patch management
Security officer Security by Obscurity Not using SSN Training and awareness Change passwords frequently (Strong) Don’t click on e-mail links
www.cybersecurity.mo.gov www.msisac.org Department of Homeland Security National Governors Association Center for
Best Practices National Association of Chief Information
Officers Governmental Accountability Office
Principles of openness, accuracy, transparency and accountability
How would you like your personal information handled fairly and lawfully process it process it only for limited, specifically stated purposes use the information in a way that is adequate, relevant and
not excessive use the information accurately keep the information on file no longer than absolutely
necessary process the information in accordance with your legal rights keep the information secure never transfer the information outside
ethnic background political opinions religious beliefs health sexual life criminal history