What are we protecting? Student Data (SSN, Grades, DOBs, Credit - - PowerPoint PPT Presentation

• Freeze your credit will stop someone from opening a new line of

credit in your name FREE!

• You can unfreeze your credit at any time
• Get an annual copy of your credit report and review it

ALSO FREE!

• Student Data (SSN, Grades, DOBs,

Credit card)

• Employee Data (Payroll, SSN,

Benefits)

• College Data (Alumni, Reputation ,

Intellectual Property)

What are we protecting?

• Family Education Rights and Privacy

Act of 1974

• Student Records are covered by FERPA,

and prohibit the access and release of student education records outside the institution and only for those within who need to know.

• An education record is any record that

directly identifies a student and is maintained by the institution.

– Handwritten, computer, email, carved into

stone, etc.

• Students can authorize their directory

information to be published and is not under FERPA.

• Information may include:

– – Street address – Email address – Telephone number – DOB – Degrees and awards – Class year – Major and minor – Participation in official activities and sports – Height and weight if on a sports team

• Directory information can never include:

– SSN – Student ID number – Race – Ethnicity – Nationality – Gender

• Students have a right to request that

directory information about them not be disclosed.

• Public posting of grades either by a

is a violation of FERPA.

– Includes posting grades to a website, any

public area or departmental offices

– Notification of grades via email is also a

violation of FERPA

• FERPA considers Teaching Assistants to

be an extension of a faculty member.

When can information be released without student consent?

• School employees who have a legitimate

educational interest.

• Other schools, upon request in which the

student is seeking or intending to enroll.

• Accrediting organizations to carry out

accrediting functions.

• Appropriate parties in connection with

financial aid to a student to determine eligibility, amount or conditions of financial aid, or to enforce the terms and conditions of aid.

When can information be released without student consent?

• A court in which the institution is

defending itself against legal action initiated by a parent or eligible student.

• Individuals who have obtained a judicial
• rder or subpoena.
• To Parents when:

– Student is a dependent of the parent for tax

purposes with appropriate documentation.

– Health or safety emergency. – Student is under 21 years of age at the time

• f the disclosure and student has violated a

federal, state or local law or any rule under the institutions policy.

Further Compliance:

• Institutions must notify current students

in writing their rights under FERPA

• Grant access by students or parents, if

applicable, to education records

• You should contact the Registrar's

Office if you receive a request to release

student information, and you are unsure if it is OK for you to do so.

• Lock your workstations
• Secure and/or shred

documents

• Prevent shoulder-surfing
• Prevent tailgating

QUIZ Which password is the strongest?

A) aLhW49K$ B) Summer_ is_ H3R3!! C)P@SSword D) None

Answer: B

Window Desk F ireplace C hair

• 1. Pick 3Random words

Window Desk F ireplace

• 2. Remove spaces/S

ubstitute with underscore

• 3. Add the name of the website
• 4. S

ubstitute special characters/numbers WindowDesk_F ireplaceNetflix WindowDesk_F ireplaceN3tfl!x WindowDesk_F ireplace

• Don't reuse your password or variations of it
• Keep passwords confidential-
• Longer passwords are stronger use a passphrase
• Use multifactor authentication

– https://www.turnon2fa.com/

Password Security

What is a Password Manager?

• Stores all passwords in a single location
• Uses a master password to access
• Many can be synced across multiple devices
• Do your research

Security Questions

• Use answers that are not true and that only you know

much of this data is publicly available and easy to guess

• –

– Information (grammar, time email was sent, etc.) – When in doubt call or text the person who sent you the message

• Do not send or save sensitive data in emails (SSN, acct #, passwords)
• Secure account with multifactor authentication

Email Security

Secure Browsing

• Avoid saving passwords in the browser
• Only use recognized, trusted websites
• Type in URL rather than click on an unknown link
• Download software from trusted sources
• Keep your browser up to date
• Consider using a VPN
• Beware phishing sites now use HTTPS too

Report any cybersecurity concerns or issues immediately!

Reporting Security Incidents

Antivirus/ Anti-Malware Security

• Always use it
• Always keep it up to date
• Run full scans regularly

Securing your Wi-Fi networks

Setting up new router and network

• Update firmware of router
• Change default username and password
• Use WPA2 for security type
• Change name of network
• You can hide your SSID for broadcasting
• Create a secondary network for guests

• When it comes to security, not all devices are created equally
• Be careful when purchasing previously owned items
• Change username and password
• Update device software
• If possible have separate networks for IoT connected devices
• On Rental cars REMEMBER to delete and erase syncs from your

phone

IoT Considerations

Did you check for a skimmer device?

• The use of credit card skimmer devices are on the rise
• What is a skimmer
• A skimmer is a device placed over credit/debit card machines to steal

your credit card information from the magnetic strip

• These devices can be very hard to detect and come in an array of types

Source: Krebs Security

Source: Krebs Security

How to protect yourself

• Cover your hand over the keypad when entering your PIN
• Check the credit card reader by wiggling it or looking for

tampering (again it may not be obvious)

• Stick to using ATMs inside of a bank or inside a business, these are

generally safer than using one found outside on the sidewalk

• Use your credit card for purchases rather than your debit card

Using public Wi-Fi

• Confirm name of Wi-Fi network if unsure
• Be cautious if Wi-Fi asks you to download software or enter in

personal information to connect

• Use a Virtual Private Network (VPN)
• Consider using a Mi-Fi type device if you plan on using Wi-Fi often

Staying secure on social media

• Use caution when clicking on links to videos, advertisements or

articles

• Limit the information you share about yourself and who you are

sharing it with

• Never post pictures of your desk or ID badge
• Review and adjust your privacy settings
• Be aware of fake profiles or requests to join your social network
• Do no download software from social media
• Turn on 2FA for your accounts

Securing your mobile devices

• Secure devices with a strong password, PIN (6 digits) or

biometric

• UPDATE your devices and apps
• Avoid storing personal information on devices
• Setup up or turn on options to remotely find your device if it is

lost of stolen

• Find my iPhone or Android Device Manager
• Wipe device before trading it in or reselling it
• Never send personal information via text message

Mind your apps

• Stick to downloading apps from Google Play and Apple App Store
• Be on the lookout for fake apps
• Privacy Alert! Is the app tracking you or storing personal

information?

• Once you download, check the permissions
• Android Settings

Apps & notifications App permissions

• Apple iOS Settings - Privacy
• Update your apps

updates often include security patches

• Not all apps are encrypted end-to-end

Building Blocks of C ybersecurity

1.

• 2. Secure all your devices (Mobile, IoT, workstation)

3.

• Shred/Secure confidential

documents

• 4. Think before you click Read emails closely - watch out for

phishing attacks

• 5. Be careful what you do and share on social media
• 6. Use Unique Long and Strong Passwords and 2 factor

authentication

Building Blocks of C ybersecurity

• 7. Don't let your guard down in public - use caution with free

Wi-Fi

• 8. See something Say Something Report all security

incidents and suspicious activity immediately

• 9. Be on the lookout - Practice Safe Browsing

10.Stay Current Patch your devices and software 11.Take Action freeze your credit file and place fraud warnings on financial accounts