Higher education and Data security
In General, our institutional systems are designed on the principles of free information exchange to accommodate diverse user populations. The concept of free exchange of information, ideas and research do however create unique security challenges. Compliance with various regulations including FERPA, HIPAA, PCI DSS as well as other state and federal privacy regulations often puts the burden of protection on all our shoulders. The following are beginning steps, we as a community can take, to
share the security responsibility.
What is at risk?
identifiable information (PII)
records of students and possibly their parents
steps can you take to better secure your information?
strong passwords and change your passwords often.
Remember strong password is one that is not obvious or easy to guess. A strong
password should be 8 - 12 characters long and include a combination of upper and
lowercase letters, numbers, and symbols such as punctuation marks and special
Do not share your password or username with others.
Do not email your password to others.
Always change the default password when you receive a new account that requires
a password and assigns a default.
Make it a practice to change your password every 90 days, especially when using
public computers. This practice will better prevent people from knowing and
utilizing your password.
When setting up multiple accounts, try to use unique passwords for each account.
Try not to write your passwords down; choose passwords that are easy to
remember. If you must write them down, keep it is a secure place. This included
the electronic saving of passwords.
Do not log others into a computer with your password.
Use the standard campus-wide anti-virus program and be aware of steps to take to
minimize computer virus risks
New viruses appear constantly
and daily virus definition updating decreases the risk of computers becoming
infected. While IT provides anti-virus software and maintains the update
schedule you should never attempt to turn it off. If you believe it is
necessary, contact the IT Helpdesk for assistance.
All computers joining the WSC
domain are mandated to be virus protected.
Email and attachments
- Remember, If you receive an unexpected email attachment, even if you know the
sender, do not open the attachment unless you can answer "YES" to all three of
the following conditions:
I know exactly what this file is.
I have scanned this file with my virus scan AND I have ensured that my virus
scan was recently updated.
I have verified the identity of the sender and their intentions via email or
This includes Chat rooms and associated links.
Do not save sensitive date to unsecured devices.
Laptops, memory sticks, memory cards should be encrypted whenever sensitive data
You can also encrypt data when sent via an email.