Assistant Director of the N.C. State Office of Information Technology Security Compliance unit John Baines presented “Plain English Data” on Tuesday at Scott Hall as part of October’s Cyber Security Awareness Month.
The theme for the month is “Take Control,” which attempts to create dialogue about ways to increase awareness and prevention of online security problems.
Baines explained methods of keeping data at N.C. State secure and protected and said data can be information from a credit card, research that has not been patented, health information, social security numbers and many other types of private information.
“Sensitive data exists in various forms, and we need to approach different levels depending upon how sensitive it is and how much it costs to protect,” Baines said.
Baines classified types of information by how critical and sensitive the information is. The categories for each type were ultra, high, moderate, normal and unclassified sensitivity levels of information.
Ultra sensitive information includes social security numbers, credit card numbers and credentials. Family Educational Rights and Privacy Act records, for example, are considered moderate.
“There is a lot of sensitive data at the University and a lot of money and reputation involved,” Baines said. “We need to treat differently the data at different levels because the more you protect it, the more it costs to protect and the harder it is to get to.”
Baines talked about the incident when a professor of radiology at UNC-Chapel Hill School of Medicine, Bonnie C. Yankaskas, had a data security breach on the university’s computer server.
According to UNC News, personal and medical information of 180,000 women in Carolina Mammography Registry was leaked to a hacker. More than 100,000 social security numbers were also breached.
Baines talked about the repercussions and costs of this incident at UNC-CH to emphasize the importance of data security. According to UNC News, there was a lack of communication between UNC-CH and Yankaskas, making the CMR server more vulnerable.
“I work with computers and care about security, so I come to all of the events for this month and try to promote this with non-technical people in my department,” said Bruce Dean from the department of transportation. Anad I keep trying to get more of them to attend,”
According to The News & Observer, the UNC-CH data breach cost the university an estimated $250,000. Baines aims to provide the N.C. State community with guidelines for keeping data protected to keep sensitive information classified and to avoid costs for repairing a data breach.
According to Deborah Booth, security analyst for the OIT Security and Compliance at N.C. State, Cyber Security Awareness Month is an annual event with six presentations. There is an upcoming Brickyard event on Wednesday, Oct. 16, 11 a.m. to 3 p.m. for students called, Mobile Security Device Checkpoint.
Booth said, students can participate by bringing their mobile device, laptop or any type of device a student would like checked for security. A quick analyzer will be run on each device to suggest to students what they should be doing to keep their data safe. Prizes will also be given to participants.
