Search| Browse| Contribute
Library| Blogs| Jobs| Podcasts| Wikis| Feeds
Page Location:
Home > Browse > Information Technology Management and Leadership > Information Policies > Security Policies, Data Security, and Cybersecurity (2 records)
Alternate ViewsRSS

Security Policies, Data Security, and Cybersecurity

Recent blog entries tagged with Security Policies, Data Security, and Cybersecurity.

EDUCAUSE Security Professionals Conference 2006. Summary:System-wide Strategies for Achieving IT Security at Univ. of California
Created by Lida L. Larsen (EDUCAUSE) on April 25, 2006
System-wide Strategies for Achieving IT Security at the University of California
Jacqueline Craig, Director of Policy, University of California Office of the President
David H. Walker, Director of Advanced Technology, University of California Office of the President
 
How do you effectively achieve appropriate stewardship of both personal and restricted information which is used across an institution’s academic, administrative, and other operations?  This session took a close look at the efforts of the University of California system efforts.
 
UC has experienced a number of serious security breaches across the 18 campuses, centers and labs.  In 2003, California passed legislation requiring notification if there is a reasonable belief that unauthorized access of information has occurred and there is reason to believe that privacy of individuals has been compromised.  UC responded by instituting a university-wide security workgroup to come up with solutions.  The workgroup was comprised of faculty, deans, vice-chancellors, general counsel, security officers, CIOs and directors.
 
The working group agreed upon a number of recommendations:
  • Leadership actions to achieve accountability
  • University-wide communication and security education & training
  • Stronger IT security policies
  • Risk assessment guidelines and mitigation with focus on both academic and administrative strategies.
| | | | | |
llarsen's blog  Login to post comments  Read more  Send to Friend  4081 reads

UCISA Information Security Toolkit
Created by Stuart Yeates (University of Oxford) on March 15, 2006

USISA
Originally uploaded by Stuart Yeates.

UCISA were at the 2006 JISC Conference, touting their Information Security Toolkit:



The UCISA Information Security Toolkit is intended to support UK Higher and Further Education Institutions in producing Information Security policies to address (and to demonstrate that they are addressing) threats to the confidentiality, integrity and availability of information systems for which they are responsible, and to help meet audit requirements. The sections draw heavily on British Standard BS 7799, not least by adopting its structure for control objectives and controls.


Unfortunately it's very much embedded in the UK legislative framework, so only the technical bits will be of much use to those outside the UK. Strangely enough, I spent three days in Blackpool last week at their big annual event and didn't catch up with the toolkit at all, presumably they were all too busy running the event to promote their own documents.

| | | | | | | | |
StuartYeates's blog  Login to post comments  Read more  Send to Friend  4164 reads