« Vague post is vague | Main | Working Group Reports »
October 07, 2011
Data Security Resources
A list of what a proper resource solution should provide in terms of meeting data security recommendation practices. This is a proposed organization.
-------------------------
Data Classification
There are a host of documents available through IIA but I'm relatively familiar with them so will skip. The following are one-off documents that appear to be somewhat homeless but still may be useful.
A 2008 memo on sensitive data handling. To summarize, no sensitive data on desktop computers, removable storage or email.
Guidelines for the Contract for Obtaining Sensitive Data from the Toledo Adolescent Relationships Study - an example of a highly specific data handling agreement that covers collaborators, backups, replication, destruction, transmission and other facets of data storage.
Protecting Confidential Data on Personal Computers with Storage Capsules - A paper by UM researchers on a method for isolating sensitive data on a desktop computer from malware that may reside on the computer.
Criteria for sensitive data protection plans
- storage requirements for sensitive data, derived data is addressed, network solutions need not apply.
Research Data Strategy: Considerations of the Blue Ribbon Panel - Interesting snippet:
"Data is often not classified leading to data either being over protected because everything is treated like sensitive data or everything is under-protected by treating everything as public data"
-----------------
Appropriate Data Storage Solution
Should cover:
Access Authentication
Access Authorization
Access/Activity Logging
Account Management
Password Management
Disaster Recovery/Business Continuity Plan
Available Resources:
East Hall's IT group has a pretty good list up. Sensitive data seem to be a deal breaker, however. Value Storage's FAQ states that "is not intended for data that is [sic] considered sensitive, private/confidential or critical to the operation of the university. Value Storage may be considered for such data when the customer environment is tightly managed according to the guidance provided below."
Mainstream Storage's Service Level Agreement recommends users "exercise caution when storing sensitive data in Mainstream Storage space."
-----------------------------------
Encryption Solution
Should cover:
Digital Media Protection
Available Resources:
SafeComputing on Mobile Device Security (MDS) appears to be the best, single, UM-derived resource. Includes webcasts walkthrough on protecting data in motion and at rest.
White Paper on MDS. See page 3 for practical recommendations.
A more exhaustive take on MDS targeting IT folks is also available from this site.
------------------
Backup Solution
Should Cover:
Backup Requirements
Disaster Recovery/Business Continuity Plan
Available Resources:
As I understand it, Tivoli Storage Manager (TSM) Backup Service, will be available for researchers within LSA soon.
This should assist in meeting Disaster Recovery needs because TSM "has full UPS redundancy, enhanced electrical systems, fire protection, security systems, and environmental alarms...[and] is replicated"
---------------
Physical Security Solution
Should cover:
Physical Security - Mandatory
Physical Security - Recommended
Resources:
Not much right now. An likely outdated document with contact information identifying who to contact if, for example, you want to put in a key request at the LSA. I have a feeling this doesn't apply at the unit level in all instances.
---------------------------
Don't Require Solution
Should cover:
Third Party Data Handling
Audit/Review (of applicable procedures)
-------------------------------
Training Opportunity Solution
Should Cover:
Training and Awareness of Data Handling and Applicable Regulations
------------------------------------
Miscellaneous
Notes from LSA IT on secure server configuration available here.
Posted by kkwaiser at October 7, 2011 10:06 AM
Trackback Pings
TrackBack URL for this entry:
http://mblog.lib.umich.edu/mt-bin/mt-tb.cgi/2262
Listed below are links to weblogs that reference Data Security Resources:
» Janiah Butcher from Janiah Butcher
I truly appreciate this blog article.Much thanks again. Really Great. [Read More]
Tracked on January 30, 2012 03:46 PM
» Lorelei Normand from Lorelei Normand
Im thankful for the article post.Really thank you! Awesome. [Read More]
Tracked on February 27, 2012 05:47 AM
» http://www.goblueheron.com/louboutinoutlet.htm from http://www.goblueheron.com/louboutinoutlet.htm
You can also add designer stoles, scarves, and leather handbags, for making her feel the essence of a woman. Back in October when we filmed the first of several videos, she only had around 13,000 subscribers. I sure many of you feel the same way! Do yo... [Read More]
Tracked on April 9, 2013 06:28 AM
» flyknit trainer nike from flyknit trainer nike
This is getting a bit more subjective, but I much prefer the Zune Marketplace. The interface is colorful, has more flair, and some cool features like 'Mixview' that let you quickly see related albums, songs, or other users related to what you're listen... [Read More]
Tracked on April 13, 2013 05:12 AM
» BFhwRxCY from BFhwRxCY
Data Discussions: Data Security Resources [Read More]
Tracked on April 13, 2013 05:29 AM
» seo tools from seo tools
Data Discussions: Data Security Resources [Read More]
Tracked on April 13, 2013 06:53 AM
» burberry bags from burberry bags
Data Discussions: Data Security Resources [Read More]
Tracked on April 13, 2013 06:53 AM
» celine bags from celine bags
Data Discussions: Data Security Resources [Read More]
Tracked on April 13, 2013 06:53 AM
» red bottom shoes from red bottom shoes
Data Discussions: Data Security Resources [Read More]
Tracked on April 14, 2013 01:28 AM
» miu miu from miu miu
Data Discussions: Data Security Resources [Read More]
Tracked on April 14, 2013 04:32 AM
» wow gold from wow gold
Data Discussions: Data Security Resources [Read More]
Tracked on April 16, 2013 01:59 AM
» mulberry bags from mulberry bags
Data Discussions: Data Security Resources [Read More]
Tracked on April 17, 2013 08:01 PM
» michael kors outlet from michael kors outlet
Data Discussions: Data Security Resources michael kors outlet online . [Read More]
Tracked on April 18, 2013 12:16 AM
» hermes bags from hermes bags
Data Discussions: Data Security Resources [Read More]
Tracked on April 18, 2013 01:06 AM
» louis vuitton sacs from louis vuitton sacs
xnauuhdy xnauuhdy pdv1 xnauuhdy xnauuhdy [Read More]
Tracked on April 25, 2013 12:43 PM
» air jordan high heels from air jordan high heels
Data Discussions: Data Security Resources [Read More]
Tracked on April 26, 2013 06:33 AM
» Jordan Spizike from Jordan Spizike
air jordan 2,jordan retro 2,jordan hydro 2 [Read More]
Tracked on April 28, 2013 12:40 AM
» sac louis vuitton from sac louis vuitton
Data Discussions: Data Security Resources [Read More]
Tracked on April 28, 2013 01:33 AM
» air jordan 26 from air jordan 26
Air Jordan 14 . Air Jordan Retro 14. Light Graphite/Midnight Navy-Black-White. Price: $69. Jordan 14 Retro , 14 Jordan factory store free shipping. [Read More]
Tracked on April 28, 2013 08:40 PM
» burberry bags outlet from burberry bags outlet
A sad feature about the Air Jordan 8 was they were not as comfortable as other Jordan 8 Aqua. Jordan Retro 8 History The straps free shipping [Read More]
Tracked on May 1, 2013 09:50 AM
» sac lancel from sac lancel
air jordan fly wade,air jordans fly wade,air jordans [Read More]
Tracked on May 1, 2013 04:51 PM
» cheap jordan shoes from cheap jordan shoes
air jordan aero flight,air jordans aero flight, nike air jordans [Read More]
Tracked on May 1, 2013 06:20 PM
» seo software from seo software
Data Discussions: Data Security Resources [Read More]
Tracked on May 3, 2013 01:36 PM
» louis vuitton bags from louis vuitton bags
Data Discussions: Data Security Resources [Read More]
Tracked on May 3, 2013 07:44 PM
» diablo 3 gold from diablo 3 gold
Data Discussions: Data Security Resources [Read More]
Tracked on May 4, 2013 12:21 AM
» mulberry bags from mulberry bags
Data Discussions: Data Security Resources [Read More]
Tracked on May 6, 2013 05:15 PM
» cheap jordans from cheap jordans
Data Discussions: Data Security Resources [Read More]
Tracked on May 9, 2013 09:50 AM
» discount designer handbags from discount designer handbags
Data Discussions: Data Security Resources discount designer bags [Read More]
Tracked on May 19, 2013 11:17 AM
» buy wow gold from buy wow gold
Data Discussions: Data Security Resources [Read More]
Tracked on May 20, 2013 02:01 AM
» christian louboutin shoes from christian louboutin shoes
Data Discussions: Data Security Resources [Read More]
Tracked on May 27, 2013 04:29 AM
» Vibram Barefoot Shoes from Vibram Barefoot Shoes
Data Discussions: Data Security Resources [Read More]
Tracked on May 27, 2013 04:29 AM
» Vibram Barefoot shoes from Vibram Barefoot shoes
Data Discussions: Data Security Resources [Read More]
Tracked on June 8, 2013 11:32 AM
» Ralph Lauren Polo from Ralph Lauren Polo
Nike Air Force One Dames [Read More]
Tracked on June 8, 2013 05:22 PM
» Ralph Lauren Pas cher from Ralph Lauren Pas cher
Nike Air Force One Dames [Read More]
Tracked on June 8, 2013 05:23 PM
» Nike Air Force One Dames from Nike Air Force One Dames
Nike Air Force One Kopen [Read More]
Tracked on June 8, 2013 05:23 PM
» Ralph Lauren Polo from Ralph Lauren Polo
Ralph Lauren Femme [Read More]
Tracked on June 8, 2013 05:23 PM
» Monster Beats Outlet from Monster Beats Outlet
Data Discussions: Data Security Resources [Read More]
Tracked on June 9, 2013 09:15 PM
» Los angeles Kings Jerseys from Los angeles Kings Jerseys
an count), you are going to hear that publishers are normally seen as the "frenemy": entities you do business enterprise with but by no means trust. [Read More]
Tracked on June 13, 2013 06:33 PM
» liverpool jersey from liverpool jersey
Data Discussions: Data Security Resources [Read More]
Tracked on June 15, 2013 04:56 AM
» MBT OUTLET from MBT OUTLET
Data Discussions: Data Security Resources [Read More]
Tracked on June 15, 2013 04:56 AM
» AABX from AABX
Data Discussions: Data Security Resources [Read More]
Tracked on June 18, 2013 05:13 PM
» Werder Bremen Jersey Away from Werder Bremen Jersey Away
Data Discussions: Data Security Resources [Read More]
Tracked on June 18, 2013 06:51 PM
» fleshlight from fleshlight
In our fleshlight 20s, we can t do much of a firm's worthiness. [Read More]
Tracked on June 19, 2013 03:29 PM
» coach purses from coach purses
Coach has been a world-renowned brand that has garnered the reputation of manufacturing highly fashionable handbags. The coach outlet collection does not just center on handbags but also offers backpacks for that overnight camping trip you annually hav... [Read More]
Tracked on June 19, 2013 11:37 PM