Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11,...

11
Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008

Transcript of Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11,...

Page 1: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

Virginia Tech’s Effective Practices for Managing Sensitive

DataCommon Solutions Group

January 11, 2008

Page 2: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Our needs…

• Stay out of the Press.

• Stay out of the courts.

• Preserve the integrity of the data.

• Respect the privacy of our students and employees.

Page 3: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Education•On-demand

Building Blocks•Acceptable Use Policy•Data Classification

Tools•SSL

Compliance•HR Disciplinary Action

Pre-2003

#1: Do what you can when you can do it.

Page 4: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

#2. Create a framework for doing it.

Page 5: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

#3. Garner support from the Big Sticks.

• Board of Visitors• University Legal Counsel• Internal Audit• Campus Police

Page 6: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Education•Awareness sessions•Faculty Dev. Institute•Communication•SANS-EDU

Building Blocks•Authority Docs•VTCA•Policies (SSN)•Standards (PII)

Tools•Find_SSN•Find_CCN•Encryption

Compliance•ITSO Security Reviews•Audit

2008

#4. Don’t think you’re done.

Page 7: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Security Standards for Social Security Numbers• IT Standards

– SSN on display screens, reports– Security protocol to access SSN on VT DB– Electronic Storage of SSN (encrypt it)– Electronic transmission of SSN (encrypt it)– Obtain permission to include SSN in ANY electronic

system

• Records management handles paper documents

Page 8: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Benefits• Lack of a complete solution has not

prevented us from implementing partial solutions.

• Everyone has a role.– Members of the IT organization and the

university have increased their involvement, interest and awareness in security through policy development, tool development and by participating in VT IT Security Task Force.

Page 9: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Challenges

• Pulling all the pieces together to create a comprehensive plan for securing personally identifying information (PII).

Page 10: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

Future Plans

• Meet the challenge!

Page 11: Virginia Tech’s Effective Practices for Managing Sensitive Data Common Solutions Group January 11, 2008.

VT EP for Managing Sensitive Data

References• Virginia Tech IT-Related University Policies

http://www.policies.vt.edu/index.php#it • Security Standards for Social Security Numbers

http://computing.vt.edu/administrative_systems/banner/security%20standards_5July05.pdf

• Virginia Tech Certification Authority http://www.pki.vt.edu • Virginia Tech Information Technology Security Office

http://security.vt.edu • Virginia Tech IT Security Task Force

https://content.cc.vt.edu/confluence/display/ITS/Home • Administrative Data Management and Access Policy

http://www.policies.vt.edu/7100.pdf

http://www.policies.vt.edu/index.php
http://computing.vt.edu/administrative_systems/banner/security%20standards_5July05.pdf
http://computing.vt.edu/administrative_systems/banner/security%20standards_5July05.pdf
http://www.pki.vt.edu/
http://security.vt.edu/
https://content.cc.vt.edu/confluence/display/ITS/Home
http://www.policies.vt.edu/7100.pdf

PHILADELPHIA’S VACANT PROPERTY JOURNEY€¦ · This case study is one of three conducted by Virginia Tech’s Vacant Property Research Network (VPRN), with support from the Ford

PHILADELPHIA’S VACANT PROPERTY JOURNEY€¦ · This case study is one of three conducted by Virginia Tech’s Vacant Property Research Network (VPRN), with support from the Ford

FORSYTH TECH’S STUDE Technically Speaking

FORSYTH TECH’S STUDE Technically Speaking

Variation in the structure, composition, and dynamics of a … · 2020. 1. 16. · Geography at Virginia Tech; and Virginia Tech’s Graduate Student Assembly’s Graduate Research

Variation in the structure, composition, and dynamics of a … · 2020. 1. 16. · Geography at Virginia Tech; and Virginia Tech’s Graduate Student Assembly’s Graduate Research

Georgia Tech’s 2021 Incoming Class - admission.gatech.edu

Georgia Tech’s 2021 Incoming Class - admission.gatech.edu

Virginia Tech’s Partnership for and Incentive Based Budget · Virginia Tech’s Partnership for an Incentive Based Budget Ken Smith, Vice Provost ... winter sessions and select

Virginia Tech’s Partnership for and Incentive Based Budget · Virginia Tech’s Partnership for an Incentive Based Budget Ken Smith, Vice Provost ... winter sessions and select

Virginia Tech’s RootReport · 2020. 7. 16. · Virginia Tech. We study the medicinal plant trade as part of our mission to provide research and extension services for non-timber

Virginia Tech’s RootReport · 2020. 7. 16. · Virginia Tech. We study the medicinal plant trade as part of our mission to provide research and extension services for non-timber

Michigan Tech’s E-Rush

Michigan Tech’s E-Rush

In Search of GeoData Workflow Virginia Tech’s … · Poster presentation: Andi Ogier - alop@vt.edu GeoData Project Lead: Shane Coleman - shanec4@vt.edu Data Curation Intern Developer:

In Search of GeoData Workflow Virginia Tech’s … · Poster presentation: Andi Ogier - [email protected] GeoData Project Lead: Shane Coleman - [email protected] Data Curation Intern Developer:

Virginia Tech’s Digital Library Research Laboratory: From Hardware to Software to Projects to Theory IBM T. J. Watson Research Center July 26, 2000 Edward.

Virginia Tech’s Digital Library Research Laboratory: From Hardware to Software to Projects to Theory IBM T. J. Watson Research Center July 26, 2000 Edward.

Women and Gender in International Development · Virginia Tech’s Women and Gender in International Development (WGD) program works collaboratively with universities, non-governmental,

Women and Gender in International Development · Virginia Tech’s Women and Gender in International Development (WGD) program works collaboratively with universities, non-governmental,

PAMPLIN - Virginia Tech · Virginia Tech’s nationally ranked Pamplin College of . ... A group of 22 executive MBA students visited companies, government and professional ... Andersen,

PAMPLIN - Virginia Tech · Virginia Tech’s nationally ranked Pamplin College of . ... A group of 22 executive MBA students visited companies, government and professional ... Andersen,

AOL Search Speaker Series Virginia Tech’s Digital Library Research Laboratory Dec. 20, 2004 -- AOL HQ Edward A. Fox, fox@vt.edu Virginia Tech, Blacksburg,

AOL Search Speaker Series Virginia Tech’s Digital Library Research Laboratory Dec. 20, 2004 -- AOL HQ Edward A. Fox, [email protected] Virginia Tech, Blacksburg,

Virginia Tech’s Innovation Campus to Spawn New Patent ... › A11960 › assets › files › News › VA Lawyer _… · patent work for protecting inventions gener-ated from this

Virginia Tech’s Innovation Campus to Spawn New Patent ... › A11960 › assets › files › News › VA Lawyer _… · patent work for protecting inventions gener-ated from this

FOOTBALL - hokiesports.com · 2017 FOOTBALL VIRGINIA TECH HOKIES ... • Tech’s tradition of special teams excellence is alive and ... and trails only TCU (68.2%) among Power Five

FOOTBALL - hokiesports.com · 2017 FOOTBALL VIRGINIA TECH HOKIES ... • Tech’s tradition of special teams excellence is alive and ... and trails only TCU (68.2%) among Power Five

MARKET SQUARE - NATIONAL LANDING...• This retail project is sandwiched between Amazon’s HQ2 and Virginia Tech’s Innovation Hub. • Located at the gateway to National Landing,

MARKET SQUARE - NATIONAL LANDING...• This retail project is sandwiched between Amazon’s HQ2 and Virginia Tech’s Innovation Hub. • Located at the gateway to National Landing,

PSU/Villanova/VT Discussion Virginia Tech’s Digital Library Research Laboratory Jan. 10, 2005 -- PSU Edward A. Fox, fox@vt.edu Virginia Tech, Blacksburg,

PSU/Villanova/VT Discussion Virginia Tech’s Digital Library Research Laboratory Jan. 10, 2005 -- PSU Edward A. Fox, [email protected] Virginia Tech, Blacksburg,

Georgia Tech’s Road to Sakai

Georgia Tech’s Road to Sakai

Virginia Tech’s Response to Research Data Needs: The Center for Digital Research and Scholarship

Virginia Tech’s Response to Research Data Needs: The Center for Digital Research and Scholarship

LDDI Bridges - Virginia Tech · LDDI Bridges is apublication of Virginia Tech’s Land Development Design Initiative Editors: students and industry partners. Recently, the site has

LDDI Bridges - Virginia Tech · LDDI Bridges is apublication of Virginia Tech’s Land Development Design Initiative Editors: students and industry partners. Recently, the site has

PAMPLIN - Virginia Tech Business · to Sara DiMantova and Chris VanEvery Virginia Tech’s nationally ranked Pamplin College of Business offers undergraduate and grad-uate programs

PAMPLIN - Virginia Tech Business · to Sara DiMantova and Chris VanEvery Virginia Tech’s nationally ranked Pamplin College of Business offers undergraduate and grad-uate programs