Information Systems Services Protecting Data – Keeping Safe Kevin Darley, IT Security Co-ordinator 8th November 2012 Information Systems Services Key Points - Information Protection Policy (1) •Information Classification: •Confidential •Highly Confidential •Responsibility: •Assessment •Management & Control •Secure Backup: •University Servers Information Systems Services •3rd Parties – Email & Storage Information Systems Services Key Points - Information Protection Policy (2) •Information Access: •Password Controls •Remote & Home Working •Physical Controls & Destruction •Transfer of Information: •Laptops & Memory Sticks •Emails & Post •Encryption Information Systems Services •Security through Obscurity Information Systems Services Encryption - The Sophos Suite •Device Encryption: •Laptop Hard Disks •Data Exchange: •Removable Media •FileShare: •Shared Keys •Secure Cloud: Information Systems Services •Externally Hosted Storage Information Systems Services Why Sophos? •Enterprise Solution: •Password (Key) Self-Service Reset •Challenge Response •Key Deletion •Key Escrow •What’s Missing? Information Systems Services Information Systems Services Meanwhile……. ……..you can use the in-built encryption tool of Office to ‘secure’ documents and then email them as an attachment, but beware….. Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Information Systems Services Common Pitfalls: • Phishing • Mis-configuration/Unauthorised Software • Misdirection of Email • Loss of Laptop, Memory Stick or Documents • Theft of Laptop or Documents • Inadvertent Inclusion of Sensitive Information Information Systems Services Information Systems Services Areas of Risk: • Home PCs: • Open Access • Dodgy Websites • Onus of Maintenance • Laptops & Briefcases: • Higher Probability of Burglary • Easy to Carry • V& A Information Systems Services Information Systems Services Risk Reduction: • Maintain Security of Home PCs: • Microsoft Security Essentials • Malware Bytes • Onus for Maintenance • Portable Devices: • Use In-built Security • Report Loss/Theft • Laptops & Briefcases: Information Systems Services • Be Security Conscious • Out of Sight / Take it to Bed Information Systems Services Help & Reporting : • If in Doubt Please Ask!: ISS Helpdesk % 0113 34 33333 ) [email protected] • Please Report Actual or Suspected Security Breaches as soon as Possible: Kevin Darley – IT Security Co-ordinator Information Systems%Services 0113 34 31118 ) [email protected]
© Copyright 2026 Paperzz