DUE Desktop Support Corner: October is Cyber Security Awareness Month

By Steven Burke, Director of Administrative Computing, DUE/DSL Desktop Support

Protecting PIRN* in DUE • Our Collective Responsibility
(*Personal Information Requiring Notification)

On July 30, 2010, Dean Hastings sent an email reminding DUE Staff of our collective responsibility to protect sensitive information DUE holds for our clients. Jeanne Hillery, Director of Finance and Administration and I are meeting with each DUE department to talk about eliminating and protecting both electronic and paper files containing sensitive data.

In order to promote Cyber Security Awareness across DUE, various tips on safe-computing practice tips will be sent to the staff throughout the month.

Identity Finder

Identity Finder is an application that gives one the ability to locate and eliminate or secure, sensitive data such as Social Security, Bank Account, Credit Card, Driver’s License or State issued ID numbers on our computers.

DUE Desktop Support is working with department IT Liaisons installing Identity Finder on all DUE computers, and providing training to the IT Liaisons so they may demonstrate it’s use to their department staff.

  • DUE Staff are required to run Identity Finder at least once a month (more often as determined by their manager or department head).
  • An action with Identity Finder must be taken for any sensitive data found on your computer. You are required to either eliminate or secure any sensitive data found.
  • Check with your manager/supervisor/department head to find out if you are authorized to retain sensitive data on your computer. You may need written authorization.
  • If you are authorized to retain sensitive data on your computer, you are required to protect it.
  • Quick Guides for using Identity Finder can be found on the DUE Desktop Support Model website
    (Requires an MIT Certificate)

Laptop Policies

DUE has implemented a number of laptop policies to protect the information stored on them. These policies are for all laptops, including floater laptops.

  • Laptops are required to have a STOP! Security Tag affixed to them.
  • Laptops are required to have security cables that should be used as a theft deterrent measure.
  • All laptops are required to be encrypted with PGP Whole Disk Encryption to protect data should the laptop be lost or stolen.

IS&T Online Training Demos • Computing Security Awareness

IS&T offers several online videos that point out issues surrounding information security. It also provides steps you can take to protect yourself and MIT.

IS&T Publishes Best Practices for Exchange

IS&T has posted a page in the knowledge base, Hermes, about Best Practices when using Exchange. Among other tips, the information for Meeting Attendees, Meeting Organizers and Delegates is very helpful. Check it out!