|
|
|
|
|
UC DAVIS: Information and Educational Technology October 24, 2006 To: All Staff and Academic Senate Members and Academic Federation Members Re: Identity Theft Prevention The protection of personal identity information is mandated by federal and state law and by university policies. As a member of the UC Davis community, you may have access to personal identity information, such as Social Security numbers, California driver identification numbers, and/or financial account information. All members of the university community are obligated to respect and protect private identity information, whether it is transmitted and stored electronically (e.g., e-mail) or in hard copy. To help secure electronic personal identity data, we ask that you follow the five steps outlined below. One of those steps involves two new software tools that we are pleased to inform you have recently been added to the UC Davis Cyber-Safety Program. 1. Understand your responsibilities By implementing the security measures described here, the number of computer security breaches involving campus affiliates' personal identity information will be reduced, and you will help protect yourself and other members of the UC Davis community from the costly, time-consuming and embarrassing consequences of identity theft. We also want to ensure you are aware that, given the seriousness of this issue, individuals are held responsible for preventable security breaches involving personal information, up to and including dismissal. In addition, the responsible unit bears the costs of any notifications and any remediation measure. 2. Identify all electronic identity records Over the past three years, the university has learned that the most overlooked storage areas for this private information are files that are infrequently accessed, particularly: - Computer files created from 1990-2001 (e.g., storage media inherited from retiring staff or faculty member or a discontinued institutional program); - Old student rosters; - Computer databases for students, applicants, staff or faculty - Internal electronic communications pertaining to students, staff or faculty; and - Reference letters and personnel documents. 3. Run a personal identity locator software tool Two search utilities, Cornell Spider and PowerGrep, are available to campus departments at no cost. The technical support staff in your department now has access to these utilities. Once installed and configured, these utilities will help search for and locate personal information in electronic files. For more information, please contact your technical support staff. 4. Remove or secure the data Once the private information has been located, exercise your personal responsibility to protect it. Either transfer the data to back-up media (where needed only for archival purposes) or secure the data through obfuscation. Any back-up media containing personal identity information must be physically secured. 5. Encrypt electronic devices If you have electronic personal data that cannot be removed or placed on secure portable media, encrypt the information. Later in the fall, the campus will provide Pointsec encryption software for mobile computing devices (e.g., laptops, personal digital assistance, etc.) at no cost for department use. Additional information will be shared with department technical support staff as the Pointsec software is released. We encourage you to visit the Security Web site at http://security.ucdavis.edu. There, you will find more information about these steps, instructions for downloading and using the personal identity locator tools, support resources, additional measures to secure your computing systems and data, as well as in-depth descriptions of the campus cyber-safety standards. We appreciate your continuing support of this important UC Davis initiative and the campus Cyber-safety security standards. If you have any questions regarding this directive, please contact Robert Ono, IT Security Coordinator, 530-757-5795. Best regards, Virginia S. Hinshaw Provost and Executive Vice Chancellor Linda Bisson Chair, Academic Senate Stan Nosek Vice Chancellor, Office of Administration Peter M. Siegel Vice Provost, Information and Educational Technology 06-116
 Office of the Chancellor | Contact Information | Current Issues | Speaking Out | Staff and Organization | Philosophy of Purpose | Principles of Community | Administrative Resources Modified: 12/14/2006 12:57:18 PM Comments: |
