management of data as responsible use icpl 2005. information privacy and security as usual in higher...
TRANSCRIPT
![Page 1: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/1.jpg)
Management of Data as Responsible Use
ICPL
2005
![Page 2: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/2.jpg)
Information Privacy and Security
• As usual in higher education, different institution will have, and take, different approaches to the protection, preservation, and proper use of their IT resources and assets:– Hardware– Software– Data
![Page 3: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/3.jpg)
Privacy and SecuritySecurity and Privacy
• Security– Administrative
• Program
– Logical• Availability• Integrity• Confidentiality
– Physical• Locks and Keys
• Privacy– Transparency
• Data collected/stored• Relevancy
– Disclosure• Notice
– Control• Correct Mistakes• Opt-In or Out
– Security• Administrative• Logical• Physical
![Page 4: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/4.jpg)
Data…
Is at the core of the intersection between security and privacy, not least in the
experience of information technologies.
![Page 5: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/5.jpg)
Comprehensive Information Security Policies
• UC-Berkeley Framework– http://ist-socrates.berkeley.edu:2002/pols.html
• UCOP– http://www.ucop.edu/ucophome/policies/bfb/is3.pdf
• Princeton– http://www.princeton.edu/~protect/PoliciesAndGuidelines/
InfoSecPolicy05-21-2004.pdf
• Chicago– https://security.uchicago.edu/regulated-computers/
policy.shtml
![Page 6: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/6.jpg)
Data Classification and Stewardship
• Classification– http://www.stanford.edu/group/security/
classification/classification_of_data.html
• Stewardship– http://www.itc.virginia.edu/policy/
itcadminappendixa.html– http://www.web.virginia.edu/iaas/
data_catalog/institutional/data_digest/datadigest.html
![Page 7: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/7.jpg)
Cornell IT Policy Framework
http://www.cit.cornell.edu/oit/policy/framework-chart.html
![Page 8: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/8.jpg)
Security of Information Technology ResourcesEvery user responsible for security of devices
connected to the network
Five Categories of Users/Obligations
IT Director: coordinate security program
Unit Heads: oversee (for their unit)
Security Liaisons: effectuate (unit risk assessment)
Local Support Provider: implement (desktop)
User: know who you are and don’t share password!
![Page 9: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/9.jpg)
Responsible Use of IT Resources
Every user must manage the data on their IT devices
Five Categories of Users/Obligations
IT Data Director: coordinate
Stewards: oversee (policy)
Data Liaisons: effectuate (inventory/flows)
Custodians: implement (secure that web page!)
Users: know who you are (and don’t infringe copyright!)
![Page 10: Management of Data as Responsible Use ICPL 2005. Information Privacy and Security As usual in higher education, different institution will have, and take,](https://reader036.vdocument.in/reader036/viewer/2022083005/56649f135503460f94c27ad4/html5/thumbnails/10.jpg)
Conclusion
Protection, preservation and appropriate use of institutional IT assets and interests requires comprehensive
information data and security programs.
That an institution have such programs is a given; how they are constructed goes to the history, culture and tradition of the
institution.