Five steps you can take to stop data breaches

Posted: September 5, 2013 | Author: | Filed under: Employees, Policies, Security, Tech tips |Leave a comment

Because it is an institution of higher learning, Eastern is a repository of a great deal of personal and financial information for thousands of students and employees. Social Security numbers, names, addresses, telephone numbers, birth dates and other idata – they’re all here, stored on networked computers and servers and therefore potentially accessible to anyone who might want to steal the data.

Data breaches at universities seem to be a regular occurrence. Whether an employee downloading sensitive information or a thief who steals back-up tapes containing financial data, the potential for breaches to occur and for significant fallout in their wake is very real.

University networks are particularly vulnerable because they must be open, carry a lot of data, have many access points and support many portable devices, such as laptops, cell phones and PDAs.

Preventing data breaches, therefore, is the responsibility of every faculty and staff member who works at Eastern. With that in mind, here are five things you can do to prevent such occurrences:

– Make sure information systems are up to date and patched. Hackers use vulnerabilities or holes in coding to gain access. “If we don’t repair these vulnerabilities, it’s kind of like leaving the back door to your house open,” said Mike Gioia, Eastern’s information security officer.

– Don’t store personal and sensitive information on systems if you don’t have to. “Don’t keep it just because it’s convenient,” said Gioia. “Restrict the level of data you have out there.”

– Monitor activity regularly. “Look for odd activity on systems, activity that should not be happening,” he said. “Look at the logs of servers to see who is accessing them.”

– Make sure you require the use of strong passwords to log into systems. “Know who has access to your systems and if it’s appropriate for them to have it,” Gioia said.

– Be aware. “The majority of data breaches are due to human error,” he said. “Have employees know what data is sensitive. Train them as to what they can and cannot release, and teach them about what is appropriate use and what is not.”

Leave a comment