Thursday, November 12, 2009

Information (In)security

Information insecurity
Presenters for the session were Sunyeen (Sunny) Pai, Digital Initiatives Librarian, KCC and Susan Murata, Head Librarian, KCC.

The presenters from Kapiolani Community College, Honolulu, HI gave an overview of sensitive information, laws governing information security, concerns for libraries, and tips regarding solutions for security breaches.

Sensitive Information as defined by Hawaii state statute and university regulations may include the following information: NAME + Social Security Number; HI driver’s license or State ID #; Bank /Credit card information; Account pass; Date of Birth; FERPA; and HIPAA information.
Concern for libraries are breaches potentially involving: Email notices; delinquent notices; SSN; tax setoff lists; DOB; and shared passwords for logins at circulation desks.

When server systems with confidential information are left open malware can attach to files and steal the information. This can happen if social media applications such as Facebook and MySpace are being accessed simultaneously while the server system is standing open. Opening e-mail attachments and e-mail can have a similar result.
Library management (from the top down) can help by making all employees responsible for their behavior. Daily virus updates and Windows XP updates are critical in preventing security breaches to library servers.

For more information concerning state statutes and laws governing information security, as well as tips to protect your organization, follow the link below:

No comments:

Post a Comment