Skip to Content

Is Your Personal Data Safe?

by Adam Cook, Security Analyst

With technology becoming more and more a part of our lives it is easy to forget that the bad people out there on the internet have been able to keep up with the times. The need to secure your personal data seems to be a recurring theme on the news. We hear stories of how a company lost millions of credit card numbers and accounts or stories about how someone stole a contact list from a celebrity’s phone. But doesn’t that just happen to celebrities or in retail and banking? Universities don’t have this type of information security problem, do they? As you will see in the stories below, serious information security problems also occur in higher education. In fact, some of the most serious data breaches in the last couple of years have occurred at universities.

Stolen Stanford Laptop Contained Confidential Employee Information

By Adam Dodge - Posted on June 6th, 2008. Abstract Source: Stanford News Service
This past June, Stanford University alerted current and former employees that their personal data was compromised after the university determined a laptop was stolen. According to university officials the laptop may have contained the names, Social Security numbers, salary information, Stanford IDs, dates of birth, gender information, home addresses, telephone numbers and Stanford e-mail addresses on as many as 72,000 individuals. The incident affected those employees who had received a paycheck from the university before September 28, 2007.

UC Irvine ID Theft Caused By United Health Care Data Breach

By Adam Dodge - Posted on June 3rd, 2008. Source: ComputerWorld, The Mercury News
A large number of ID theft crimes affecting University of California, Irvine medical students have been traced back to a data breach at UnitedHeathCare. A total of 1,132 current and former graduate students enrolled in the university's graduate student health insurance program could fall victim to tax scam. So far, 155 of these students have had criminals file false tax returns in the students’ names and collect the refunds. Only those students enrolled in the insurance program in 2006-2007 are affected. The University of California, Irvine set up a web site - www.uci.edu/identitytheftalert/ - to answer questions about this incident. Police arrested a Fort Worth, Texas man in connection with the ID theft crimes affected UC Irvine students. Authorities allege that Micheal Tyrone Thomas stole a file containing UC Irvine student information while working for UnitedHealthcare. According to a UnitedHealthcare statement, the company is "outraged that a former employee may have illegally accessed information regarding certain University of California, Irvine, students and may have used the information for criminal purposes" and UnitedHealthcare is working with authorities on the case.

Each of these reports happened close to home. But you can help make your information safe by following information security best practices. Here are the top seven best practices to follow:

  • Protect your password
    Do not share your password or post it anywhere. Do not use dictionary words or family or department names. Change to a more secure passphrase.

  • Protect confidential information
    By law, most student and other personal information is confidential. To be safe, be cautious with any private data and store as little confidential information on your computer or in unsecured areas as possible.

  • Update system patches, security fixes, and anti-virus software
    Make sure home and office Windows machines have the latest patches and security fixes and update anti-virus software. Set your computers to have updates downloaded automatically.

  • Use secure and supported applications
    Insecure applications such as Hot Bar and Kazaa can cause trouble for your computer and leave you and the university open to network attack.

  • Don't open suspicious e-mail attachments
    Many viruses and worms are spread through e-mail files you don’t recognize.

  • Back up your data
    Protect your important information by making sure your data is backed up regularly. Arrange to store your information on the university’s network, where it will be secure and regularly backed up.

  • Use a password protected screensaver to "lock" your computer when unattended, and turn off your computer at night (unless it is backed up at night and must be left on)
    Turning off your computer will both save energy and protect it from outside network attack.

Information Security Diagram.

Do you have feedback for IRT? Email us at irtfeedback@csus.edu