Information Security Guide: Case Western Reserve University

1
INFORMATION
SECURITY GUIDE
CASE WESTERN RESERVE UNIVERSITY
Awnish Pandey (09609118)

Parul Sharma (09609075)
Kaushik Mishra (06503851)
INTRODUCTION
 This Information Security Guide is intended to assist in

daily activities and help safeguard from situations that
could inadvertently disclose information, compromise
privacy, or impair the functionality of a personal
computer.
 With the ubiquitous use of Internet-based tools,

information can be transmitted around the world within
seconds. As such, it is critical that each of us do our
part in protecting the integrity and confidentiality of our
information resources.
12/07/2021
Information Security Guide 2
Handling
Sensitive
Information
Restrict access on a
need to know basis
12/07/2021
HANDLING SENSITIVE INFORMATION
If you have access to sensitive information, you must

safeguard it from damage, loss, misuse, or
unauthorized disclosure.
Sensitive information includes, but is not limited to,

personally identifiable information about Case students,
faculty, and staff; medical and health information;
research and technology initiatives; business and
financial matters; and fundraising and alumni issues.
12/07/2021
HANDLING SENSITIVE INFORMATION
Best Practices
 Maintain the confidentiality of the information stored

on your computer by using only original software for
processing sensitive information.
 Lock or log off computers when away from your
desk
 Use a password-protected screensaver
 Keep sensitive files from inadvertent disclosure by
ensuring they are not on freely accessible servers
(web, ftp, unauthenticated file shares)
12/07/2021
Human Capital
Management
HCM facilitates
human resources
functions at Case
12/07/2021 6
HUMAN CAPITAL MANAGEMENT
Peoplesoft HCM enables Case employees to easily

access payroll and benefits data and securely
manage personal and banking tasks.
This system meets the highest standards for

information security. Social security numbers are
completely masked and bank information is partially
masked.
12/07/2021 7
HUMAN CAPITAL MANAGEMENT
Best Practices
 Do not share your network password with anyone.

 Do not enable automatic login on the HCM website.
 Be sure to log out each time you visit the HCM
website, no matter how quickly you plan to log back
in
 Avoid using your Case ID and password combination
for other personal accounts (bank accounts, ISPs,
local machine accounts, web services, etc.)
12/07/2021
Family Educational
Rights & Privacy Act
(FERPA)
FERPA, a federal law,
applies to student
records and
information
12/07/2021
FERPA
FERPA Guidelines
 Student education records are considered sensitive

and may not be released without the written
consent of the student
 Case community members have a responsibility

and obligation to protect student education records
in their possession. FERPAinformation is to be
stored and transmitted using practices for sensitive
information.
12/07/2021
FERPA
FERPA Guidelines
 Access to student data is restricted to individuals

who need this information for legitimate
educational purposes.
 Before releasing any student information, including

directory information, one should consult the
University Registrar’s Office to ascertain whether
the information can be disclosed
12/07/2021
Protect our self from Computer
Viruses
 Spam Protection –
Never respond to unsolicited e-mail.
Never buy anything advertised in spam.
 Internet risks –
All materials you download should comply with all
applicable laws, copyright restrictions .
Don’t assume that information found on the
Internet is necessarily accurate or up to date.
12/07/2021
Viruses
 Public Wireless Hotspots
Use a VPN(virtual private network) encrypted

connection.
Pop-ups are a common trick for installing spyware,
viruses, and other infections.
12/07/2021
Viruses (contd.)
Spyware Instrusions –
Use a personal firewall product and keep it

updated.
Do not accept downloads from pop-up windows or
unknown websites.
12/07/2021
Viruses (contd.)
Phishing –
Phishing is the criminally fraudulent process of
attempting to acquire sensitive information such as
usernames, passwords and credit card details by
masquerading as a trustworthy entity in an
electronic communication. A phishing webpage will
look authentic.
12/07/2021
MAKE HACKING IMPOSSIBLE
 Never divulge information to stranger.
 Verify the identity of caller who is seeking
information.
 Don’t give out information about yourself or other
employees. Refer all inquiries to Human
Resources.
 Never respond to online inquiries about banking,
credit card, or other personal information.
12/07/2021
SHOFTWARE PIRACY AND
COPYRIGHT.
 Use only licensed
software on your
computer.
 Do not install any
unauthorized software
on your PC
12/07/2021
REMOVABLE MEDIA
PROTECTION
 Do not place disks or

other removable media
near magnets or other
magnetic devices, as
these could destroy
information.
 Lock up removable
media containing
confidential information
when not in use.
12/07/2021 Information Security Guide 18
ELECTRONIC EQUIPMENT PROTECTION
 Restrict physical access

of machines to trusted
and authorized
individuals.
 Never leave a laptop
unattended and, if you
must, make sure it is
secured with a cable
lock, locked into docking
station, or out of sight in
a cabinet or drawer.
12/07/2021
MOBILE DEVICE PROTECTION
 Do not store vital information's (credit card

password e-banking password) in your mobile.
 Backup your data regularly and keep an updated
copy in a separate location.
 Know what you have stored on your devices and
periodically inventory their content.
12/07/2021
THANK YOU
QUESTIONS??

Information Security Guide: Case Western Reserve University

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Information Security Guide: Case Western Reserve University

Uploaded by

Copyright:

Available Formats

1

Awnish Pandey (09609118)

 This Information Security Guide is intended to assist in

 With the ubiquitous use of Internet-based tools,

If you have access to sensitive information, you must

Sensitive information includes, but is not limited to,

 Maintain the confidentiality of the information stored

Peoplesoft HCM enables Case employees to easily

This system meets the highest standards for

 Do not share your network password with anyone.

 Student education records are considered sensitive

 Case community members have a responsibility

 Access to student data is restricted to individuals

 Before releasing any student information, including

Use a VPN(virtual private network) encrypted

Use a personal firewall product and keep it

 Do not place disks or

 Restrict physical access

 Do not store vital information's (credit card

You might also like