Page History

...

Sub-Step	Tips	Resource	Resource Type
5.1 Access Management	Determining who can access the data, and what they can do with it.	Access Control	EDUCAUSE
5.2 Physical Security		Physical and Environmental Security	EDUCAUSE
5.3 Risk Assessment		Risk Management	EDUCAUSE
5.4 Change Management Requirements		University of Texas at Austin Change Management Guidelines	Higher Education
5.5 Training		Awareness and Training	EDUCAUSE
		Kansas State University: Data Classification and Security Policy – Data Security Standards – Training	Higher Education
5.6 Need for Policy and Procedures		Information Security Policies	EDUCAUSE
5.7 Need for Encryption	Determining how data is appropriately secured both while at rest (in storage) and in transmission.	Encryption 101	EDUCAUSE
5.8 Records Retention	Determining how long each type of data should be stored.	Boston University: Data Protection Requirements	Higher Education
5.9 Data Incident Handling and Response	Determining what happens if/when data is lost, stolen, or compromised.	Confidential Data Handling Blueprint Data Incident Notification Toolkit Information Security Incident Management (ISO 16)	EDUCAUSE

Top of page

Questions or comments? Contact us.

...

Page tree