Data Security: Policies and Regulations Impacting Research Data
Security considerations in managing sensitive data.
We've made changes in response to COVID-19. Here’s what to know about campus libraries for spring 2021.
What is Information Security?
Typically there are 3 main characteristics that come into play when dealing with information security:
- Confidentiality : Ensuring data remains private.
- Integrity : Ensuring the data is accurate.
- Availability: Ensuring data is accesible to the appropriate people.
Why Is It Important?
Higher education institutions are often targets for people who are looking to mine sensitive information for profit. UNC is an institution committed to information sharing, and this includes sensitive data. It is important to note that everyone who comes into contact with sensitive data has a responsibility to ensure information security.
Guidelines for Information Security/Steps for Reducing Risk
Computer management, maintenance and upkeep
- Identify systems storing sensitive information
- Scan these systems for vulnerability monthly
- Ensure operating systems and system applications are up to date
Encrypt mobile devices
For devices storing sensitive information, encryption is required.
- Whole disk encryption on laptops
- Device or file and folder encryption on smartphones
- File and folder encryption on portable media like flashdrives
Tools to use
- Pretty Good Privacy (PGP)
- Truecrypt
- Hardware encrypted devices
- Passwords
Adopt less risky behaviours
- Limit personal browsing on machines with sensitive information
- Remove sensitive information from machines that do not need it
- Be wary of free software
- Avoid storing sensitive information on mobile devices
- Report suspicious events
More Information
-
UNC ITS Security ChecklistScroll down to section titled, "Guidelines for Securing Computers Containing Sensitive Data Covered by FERPA and GLBA."
Connect with us
