University of Michigan has an open network architecture that is extensively used for student access, faculty research, and university collaboration. But this architecture makes it vulnerable to many attacks.
There are thousands of student/staff computers and handheld devices on the wireless and wired segments which might be either compromised or infected. Furthermore, since the computing environment is decentralized and the philosophy of academic freedom is followed, establishing an effective information security management system is deemed necessary though it is a difficult task.
Mission: University of Michigan is committed to providing a secure and accessible data and networking infrastructure that protects the confidentiality,
…show more content…
Examples: Social
Security Numbers, payment card numbers, medical records, student data that is not considered directory information, information protected by non-disclosure agreements, confidential research data.
Sensitive Data is University Data for which unauthorized disclosure or modification would not result in direct financial loss or legal violations, but may otherwise adversely impact the University. Examples: Budget, salary information, cell phone numbers, departmental policies/procedures, internal memos, incomplete research.
Public Data is University Data that no authorization and may be freely disseminated without potential harm to the University. Examples: Advertising, product and service information, directory listings, published research, presentations or papers, job postings, press releases.
The people related to the data can be classified based on who use the data, who create the data and who have access to the data. Information Custodians/Managers (including Vice-Presidents, Deans, Associate
Deans, Managers of Academic Resources, Department Chairs, Directors and Managers) are typically the managers responsible for ensuring the quality of and control over the University Data in their custody.
Information Users include all persons who have been authorized to
The university should educate the students and faculty to access authorized data without exposing the data to outsiders.
ICT set up—1 PC per student ( Every student will access to a computer each and computers are arranged in a group of 5to facilitate collaborative working effectively.
These extremely large data sets may be analyzed computationally to reveal patterns, trends, and associations relating to human behavior and interaction. These analysesaffect us on day to day basis positively and negatively and the legality of how this information is collected and the laws that apply may be unclear. Both with or without users' knowledge, consumer personal data is collected from every daily, digital activity; from purchases, web searches, amazon searches, browsing history, and phone use. This data is generated, and then downloaded and stored. [15] Companies can then use this data to create "data sets" or large files of users' data to produce customer profiling. This data can also be used by police, the governmental bodies, scientists, businesses, military, and other industries where occasional breaches of data are expected .[16] Breaches and leaks of personal information including phone calls, credit card information, home address, and personal phone numbers are examples of information that is logged and stored by these corporations while making "data sets". Much of this information is being processed and sold to marketers for the purpose of marketing their products. This information is stored digitally and in some cases, regardless of the security of the information being stored, there are risks of unauthorized parties
|What is the manager’s |Accuracy in acquiring the data is essential to management. It is the responsibility of the manager to take control and ensure all numbers and data collections add up. It is also the |
Classroom consists of 30 desktop PC’s for individual student use. These PC’s are situated on a shelf that is built into the wall and not able to be moved. The PC’s are hard wired into the network for internet connections. PC’s are all configured with Microsoft Office 2013.
Surveys were coded by a numbering system developed by the researcher, to protect the confidentiality of the participants. For student records any identifier for each person were deleted ensuring privacy and anonymity to the researcher
With a third person, provided that permission has been received from the individual that the information is about (Hernandez, 2015).
“Most: (Schloss, P. J;, & Cragg, K. M., 2013) stated in the postsecondary context, the rights of access to and privacy for educational records belong to the student.”
Data and information management is a huge growth area. But it's not just data management creating new job opportunities, its gathering, analyzing, storing and securing the data as well.
Confidentiality is not breached, so that information is accessed only by those authorized to do so.
The Main Purpose of Security Management and Security Measures must be Commensurate with the Threat
With data and the collection of it, comes the added need for security. To begin to understand how we need to secure the data we collect we need to understand a few aspects of the
What is Data Classification? Why is it important in understanding it for assigning access control?
University employees will take every measure to ensure confidential data is protected and accessed exclusively for job related responsibilities. Confidential data includes personal, financial and educational records for employees, students, alumni and friends of the university. This covers both paper and electronic records. Users must:
Publishing research data in articles could make it available for public to access. In this article, the authors have discussed about sharing the research data by letting public access it leads to a challenge of reusing the data. There are various questions that might arise in the researchers’ minds including queries about the legal rights, the owner of the rights, and rights for permission to share the data that leads to productive utilization of the data.