Information Security Guide

Meenu Jain (09609083)

Sonal Bora (06502923)
Pankaj Kumar Singh (09609036)

12/07/21 Information Security Guide 1

 Introduction

 Information Security Guide by Case Western

research University.
 To protect information resources.

 To make sure information systems are not

used in a way that damages the university,
students, or its employees.
 Information Security is a Collective
Responsibility.

 Helps safeguard from situations that could

inadvertently disclose university & students’

information.
12/07/21 Information Security Guide 2
 Handling Sensitive Information

 Safeguard sensitive information from

damage, loss, misuse, or unauthorized
disclosure.
 Lock or log off computers when away
from your desk.
 Use a password-protected screensaver.

 Keep sensitive files from inadvertent

disclosure by ensuring they are not on
freely accessible servers.

12/07/21 Information Security Guide 3

 Human Capital Management

 Enables easily accessing payroll and benefits

data and securely managing personal and
banking tasks.
 Do not share your network password with
anyone.
 Do not enable automatic login.

 Be sure to log out each time you visit the

HCM website.
 Avoid using your ID and password
combination for other personal accounts.

12/07/21 Information Security Guide 4

 FERPA & HIPAA

 FERPA protects the privacy of student education

records.
 Information is to be stored and transmitted using
practices for sensitive information.
 Access to data is restricted to individuals who
need this information for legitimate educational
purposes.
 HIPAA mandates the protection and privacy of
patient health information.
 Ensure that patient data is safeguarded against
potential hacking and unauthorized access.

12/07/21 Information Security Guide 5

 Passwords

 Keep your Network ID, Passwords, and

PINs Confidential.
 Don’t use anything that can be easily
guessed.
 Strong passwords should be at least 12
alphanumeric characters in length.
 Passwords should be changed often
 Passwords should not be shared, posted,
written down, or recycled.
 Passwords should be unique.

12/07/21 Information Security Guide 6

 E-mail and Instant Messaging

 E-mail and IM are not risk free.

 Be cautious about what you send.
 Be wary about the actual source of
received e-mails.
 Set up spam and junk mail filtering to
reduce your mail volume and risk
 Do not open an attachment that seems
odd or out of context.
 Always check the “To:” distribution
line before sending a message.

12/07/21 Information Security Guide 7

 Computer Virus & Spam Protection

 Electronic viruses are rampant. Protect yourself

 Make sure that you understand the source and
purpose of any attachment before opening it.
 Make sure that your computers are always
running current anti-virus software.
 Sign-up for automatic online live updates to
ensure up-to-date protection.
 Consider using a separate e-mail address for
some public activities.
 Never buy anything advertised in spam.

12/07/21 Information Security Guide 8

 Internet

 Be aware of Internet risks.

 Pay attention to security warnings
 Don’t assume that information found
on the Internet is necessarily accurate
or up to date.
 Make sure that all materials you
download comply with all applicable
laws, copyright restrictions, and Case

policies.

12/07/21 Information Security Guide 9

 Public Wireless Hotspots and Spyware

 Wireless networking requires vigilance.

 Use a VPN (Virtual Private Network)
encrypted connection when you access
proprietary information wirelessly.
 Protect yourself from spyware intrusions.
 Use an anti-spyware product from a
trusted vendor.
 Use a personal firewall product and keep it
updated.

12/07/21 Information Security Guide 10

 Phishing

 Protect yourself from identity theft.

 Legitimate organizations NEVER request personal information in such a way.
 A phishing e-mail is seldom addressed to you directly.
 A phishing webpage will look authentic.
 Phishing is rooted in information and identity theft, which permits online theft
of millions of dollars.

12/07/21 Information Security Guide 11

 Anti-Hacker Checklist - Never divulge information to strangers.

Hackers often obtain confidential information by contacting employees who

unintentionally respond.

 Verify the identity of callers requesting information.

 Refer all inquires on information about yourself/employees to HR.
 Never discuss Case’s computer hardware, software….., unless the person
is known or can verify his/her identity and need to know.
 Never respond to online inquiries about banking, credit
card or other personal information.
 Never give out password to anyone under any circumstances.
 e wary of phishing techniques.

12/07/21 Information Security Guide 12

 Software Piracy and Copyright – Use only licensed software.
University provides many software programs and packages generally at no

cost to its faculty, staff and students.

 Do not install any unauthorized software on PC.

 If a specific software package is required which is not available

with Chase Software Center, contact business manager/Help Desk.

 Do not create unauthorized copies of vendor software.

Voice Mail – Ensure voice mail confidentiality.

 Select passwords having at least 4 characters (8 characters are recommended).

 Do not tell anyone else your password and avoid writing your password down.

 Change password periodically.

 Change password immediately if you think that someone else knows it.
12/07/21 Information Security Guide 13
 Removable Media – These powerful tools can be full of important
and proprietary information.

Removable media such as diskettes, CDs, USB drives and other

media often contain important information and should be secured.

 Lock up removable media when not in use.

 Do not place removable media near magnets/magnetic devices.
 Properly label diskettes and other removable media.
 Do not dispose of a disk without ensuring the destruction of information.
 Be sure to inventory the contents of media on a regular basis.

12/07/21 Information Security Guide 14

 Mobile Devices – Be cautious when using mobile devices.

Mobile devices such as laptops are a convenient way to take information

and databases anywhere, but also a popular target for thieves.
Do…
 Backup data regularly and keep an updated copy in a separate location.
 Keep mobile devices out of sight and secure whenever possible.
 Require passwords to access mobile devices.

…Do Not
 Do not store sensitive information (e.g. password, bank information).
 Do not leave mobile devices unattended.
 Do not cache your Case ID in auto-logins from mobile devices.

12/07/21 Information Security Guide 15

 Theft Deterrents – Protect your electronic equipment from theft.

 Restrict physical access of machines to trusted and authorized individuals.

 Never leave a laptop unattended and make sure it is secured with a
cable lock or locked into docking station, or in a drawer.

Protect your home PC – A five-step proactive security approach.

Step 1: Set Security Configurations.

Step 2: Use an Internet Firewall.
Step 3: Update Computer.
Step 4: Use Up-to-Date Antivirus Software.
Step 5: Secure Home Wireless Network.

12/07/21 Information Security Guide 16

 Conclusion
 Information Security – A Collective Responsibility

12/07/21 Information Security Guide 17

 Thank You
Any Questions ?

Meenu Jain (09609083)

Sonal Bora (06502923)
Pankaj Kumar Singh (09609036)

12/07/21 Information Security Guide 18