Several incidents have occurred at universities that show just how vulnerable private data can be when not handled in a secure manner. Find out about these occurrences:
- UC Berkeley (PDF)
Note: This is perhaps the worst attack suffered by UC, involving state data for 1.4 million people that was being used for a research study. Take note of the research implications; the state has since withdrawn the researcher's access to the database.
- University of California Office of the President
- University of Georgia
All members of the UCSD community are obligated to respect and protect private information, whether it is transmitted and stored electronically (e.g., e-mail) or in print. Individuals are responsible for the information under their control. Responsibility for protecting individual privacy is a part of everyone's job.
What you can do to help prevent security breaches
- Read the campus notice about your responsibilities.
- Set up your secure system access.
- Use a virtual private network to safely access network resources from off campus.
- Report suspected security violations to your department's technical support person. If you don't know who that is, contact the ACT Help Desk, (858) 534-1853.
- If you use and/or store private information such as your Social Security, credit card, or driver license number, examine all of the business processes you undertake for the University and ensure that the retrieval/ storage of private information within your office setting is absolutely necessary for such processes.
- Answer "yes" to the following statements:
- Access to all private information I work with is restricted on a need-to-know basis.
- Access to my computer and other information technology equipment assigned to me is password-protected.
- I log off my computer or use a screensaver password when I leave my work station.
- Information on my screen is kept hidden from visitors to my work area.
- All sensitive papers, printouts, etc., are safely secured during the day when I leave my work area and locked up during non-work hours.
- My computer has up-to-date anti-virus software and software patches.
What UCSD is doing to prevent network security breaches
- Computer Incident Response Team (CIRT) Process: Learn how the Team responds to a security incident.
- Computer security: Review security responsibilities at UCSD.
- Network security: See security controls that are in place.
- Preventing identity theft: Learn about UCSD's responsibilities.
- Social Security Number masking: See how UCSD complies with new laws that protect privacy.
- Single Sign-On: Find out about UCSD's one-stop sign-on process.
- Organizational structure: See the individuals, groups, and divisions responsible for network security at UCSD.