Difference between revisions of "Data security"
Line 35: | Line 35: | ||
[[File:DSecurityExample.png|left|250 px]]Only use your WSU password on sites if they end in winona.edu or mnscu.edu. There can be many things that look superficially legitimate, however with an extra keen glance suspicious items are readily visible. You need to verify! To verify URL links you just 'mouse over' the link(s) that you are being directed to. This is done by putting your mouse on a hyperlink until the application pops up the actual destination hidden in the link. | [[File:DSecurityExample.png|left|250 px]]Only use your WSU password on sites if they end in winona.edu or mnscu.edu. There can be many things that look superficially legitimate, however with an extra keen glance suspicious items are readily visible. You need to verify! To verify URL links you just 'mouse over' the link(s) that you are being directed to. This is done by putting your mouse on a hyperlink until the application pops up the actual destination hidden in the link. | ||
+ | |||
==Required Online Training== | ==Required Online Training== |
Revision as of 14:06, 25 October 2013
Data Security and WSU
Why is Data Security Important?
One of the most important concerns in any organization is data security. Data security is important because it maintains the overall stability and credibility of the institution. As a Winona State employee you are responsible for adhering to federal, state, and institutional policies and guidelines. Employee failure to abide by these guidelines may prevent Winona State servers from connecting to the internet which leads to a loss of business productivity.
WSU’s Legal Obligations
FERPA
(Family Educational Rights and Privacy Act) Is a federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
MnGDPA (Minnesota Government Data
Practices Act) The Government Data Practices Act, Minnesota Statutes, Chapter 13, creates a presumption that state and local government records are accessible to the public unless a statute or rule provides otherwise.
MnSCU Policies & Procedures
WSU Policy
Your Responsibilities
As part of the Winona State Community you are expected to follow some very important guidelines to help keep our campus safe.
Check Links in Emails—So Important!
Let's first answer the question: Why do I need to validate a web-link or an email address? The short answer (like the answer for most security related questions) is that you cannot always trust people.
The Winona State IT Department will never require you to provide your WSU credentials in an email. If you receive an email requesting this information do not open it and please forward it to abuse@winona.edu.
Only use your WSU password on sites if they end in winona.edu or mnscu.edu. There can be many things that look superficially legitimate, however with an extra keen glance suspicious items are readily visible. You need to verify! To verify URL links you just 'mouse over' the link(s) that you are being directed to. This is done by putting your mouse on a hyperlink until the application pops up the actual destination hidden in the link.
Required Online Training
PJPD
(Public Jobs Private Date)
Log onto D2L.winona.edu — D2L Required Training
The Public Jobs Private Data (PJPD) Course is a mandatory online training course for all employees of the MnSCU system. This online course provides a structural framework for handling sensitive data and how to avoid most common end-user mistakes.
Report it!
Did you fall for a scam or are you just suspicious? When things go wrong … or something doesn’t seem right. Report it to abuse@winona.edu
Protect Your Password
Do NOT share your WSU password with anyone.
- Not with your office administrator
- Not with your kids or spouse
- Not with your IT Staff. Other IT Staff will have access with their own password!
- Never let anyone use your keyboard while you are logged into the device.
WSU devices should not be shared with anyone!!
Things To Be Concerned About
- Groggy Monday morning and you fall for a phishing scheme
- Maybe you replied to an email
- Maybe you JUST clicked a link
- Accidentally type your password into the
wrong field of a form of a legitimate page!
- Typed your password into the username fields
- Cursor was actually in your instant messenger window
- Received or realized you sent private data in an insecure manner, e.g. emailed a SSN.
- You start receiving tons of non-deliverable emails
- "I didn't send this email message..."
- You lose a device (phone, PDA, tablet, laptop or storage device) or suspect it was stolen
- Your work environment has been upset
- documents have been moved or are missing
- a different user last used your computer
- Unsolicited calls or visits from IT or Maintenance
Personal Training
If you would like more information or personal 1:1 training regarding WSU and Data Security contact:
- Tobias Schmidt
- Data Security Officer
- Winona State University
- 507) 457-2214
- TSchmidt@winona.edu