Data Security: Policies and Regulations Impacting Research Data

Typically there are 3 main characteristics that come into play when dealing with information security:

1. Confidentiality : Ensuring data remains private.
2. Integrity : Ensuring the data is accurate.
3. Availability: Ensuring data is accesible to the appropriate people.

Higher education institutions are often targets for people who are looking to mine sensitive information for profit.  UNC is an institution committed to information sharing, and this includes sensitive data. It is important to note that everyone who comes into contact with sensitive data has a responsibility to ensure information security.

Computer management, maintenance and upkeep

• Identify systems storing sensitive information
• Scan these systems for vulnerability monthly
• Ensure operating systems and system applications are up to date

Encrypt mobile devices

For devices storing sensitive information, encryption is required.

• Whole disk encryption on laptops
• Device or file and folder encryption on smartphones
• File and folder encryption on portable media like flashdrives

Tools to use

• Pretty Good Privacy (PGP)
• Truecrypt
• Hardware encrypted devices
• Passwords

Adopt less risky behaviours

• Limit personal browsing on machines with sensitive information
• Remove sensitive information from machines that do not need it
• Be wary of free software
• Avoid storing sensitive information on mobile devices
• Report suspicious events

More Information

<Previous   Next>