Spacer
Spacer
BGSU
HomeAcademicsAdmissionsThe ArtsAthleticsLibrariesOffices
Spacer
Spacer Spacer
Top Nav   Office of the CIO-Projects & Strategic Initiatives
Cross Hatch

Office of the Chief Information Officer

Welcome

About Us

ITS - Information Technology Services

IMS - Instructional Media Services

Student Tech

Office of Web Development

BG@100

Projects and Strategic Initiatives

Quick Reference

Newsworthy

Feedback

Office of the CIO Policies

Fraud Notice

CIO-Alerts and CIO-Inform email & PGP Public Keys
No Banner
Spacer CELO Project - June 29, 2007 Data Security Memo Spacer
 

 

MEMORANDUM

TO:                BGSU Faculty and Staff

SUBJECT:   Data Security

DATE:           June 29, 2007

BGSU is not unlike many large colleges and universities which operate some of the world's largest collections of computers and high speed networks.  With such resources comes a responsibility to be good stewards of the information that resides in these environments and has been entrusted to you.  Please be aware however, that protection of the information is required regardless of the form it is in, electronic copy or paper for example.

Any cyber security effort is only as good as its weakest link, and many times the risk does not come from the efforts of firewall implementation, encryption, virus protection and identity management to name a few, but from less than optimal practices when working with the information.   Following are a few guidelines to consider related to protecting the University's sensitive information and intellectual property.  For more detailed information you are encouraged to reference the attached brochure (Security Tips Brochure).

  • Change your password often
  • Use a password that is NOT found in a dictionary
  • Encrypt all portable media
  • BGSU sensitive data is NOT to be stored on personal systems or media
  • BGSU sensitive data is NOT to be shared with unauthorized individuals

ITS initiated the CELO project, a multi-phase project focused on the protection and privacy of BGSU data and intellectual property, in January of 2006.  Whole disk encryption is one of the phases of CELO and we are ready to begin implementation.  The following key points are being communicated to all faculty and staff regarding whole disk encryption:

  • encryption is the transformation of data into a form that is unreadable to anyone who does not have the decryption key
  • whole disk encryption is the encryption of an entire disk, whether it is associated with a desktop or laptop - this initial phase of the project will focus on the primary disk used by each machine and future phases will address other forms of storage such as flash drives
  • the software BGSU will be using for whole disk encryption is from PGP Corporation (http://pgp.com)
  • all University owned, asset tagged devices will be equipped with software to provide whole disk encryption - laptops will the the first area of focus for installation
  • Windows devices will receive encryption software prior to Macintosh systems
  • once a machine is utilizing whole disk encryption, the user will enter their MyBGSU password at the time of login to decrypt the entire disk, the disk will once again be encrypted when the user shuts down the system
  • users will see a PGP ion in the system tray that contains features which will be addressed at a later time, such as encrypting flash drives or other portable media
  • it is important to remember that while a disk is decrypted, information on the disk is vulnerable - from the time a user enters their MyBGSU password to access their system until the system is shut down again the information on the hard drive is decrypted and vulnerable to theft or compromise
  • security of information is an important responsibility for each user of BGSU data - each individual with a BGNet account agreed to this responsibility when receiving their account - Network and Computer policies:  http://www.bgsu.edu/downloads/cio/pfile9602.pdf
  • your Technology Support Specialist (TSS) will be deploying PGP software to University owned machines throughout the upcoming months
  • information regarding the CELO project and other information regarding whole disk encryption may be found on the web at:  http://www.bgsu.edu/offices/cio/page21277.html

Your TSS will be working through department contacts in order to arrange the installation of this software to University owned devices.  The process will be completed in a manner similar to the annual desktop install procedure.  The individual to whom the device is assigned must be present at the time of installation.  While completing the PGP encryption install, the TSS may also complete installation of the Altiris inventory agent and new barcode label.  Information about the Altiris inventory software and examples of the new barcode label may be found on the web at:  http://www.bgsu.edu/offices/cio/page25936.html.

These components are being implemented as layers of protection for the University's technology infrastructure.  Even with many layers of protection in place, the security of data is only as good as the practices of each individual user.  It is imperative that each person follows best practices in using, storing,and securing BGSU data and intellectual property.

Bruce M. Petryshak, CIO

 

  
Spacer
 
Spacer Spacer
Spacer
Spacer
Spacer
Spacer
Bowling Green State University  |  Bowling Green, OH 43403-0001  |  Contact Us  |  Campus Map  |  Site Map  |  Accessibility Policy (PDF Reader)
Spacer