SlideShare une entreprise Scribd logo

How do I protect my Research

Télécharger en tant que PPTX, PDF
P
Peter Larsson

Peter Larsson - Security Professional informs scientists and researchers about laws, rules, regulations and Information Security that is VITAL for any researcher to implement.

Formation
1  sur  22
www.gu.s e
www.gu.s e The Importance of Information Security in our research.
www.gu.s e The Importance of Information Security in our research.
www.gu.s e The Importance of Information Security in our research.
www.gu.s e The Importance of Information Security in our research.
www.gu.s e The Importance of Information Security in our research.
www.gu.s e The Importance of Information Security in our research.
www.gu.s e MSB – Swedish Civil Contingencies Agency Regulations on information security at government authorities (MSBFS 2009:10) it states: • government authorities must apply a management system for information security. • Agencies should work in a ”structured way” • Policies and other governing documents • requirement for authorities to classify their information, • to identify and manage risks, • and to continually evaluate and improve their security. ”Good Information Security” is a tool to comply with rules and regulations
www.gu.s e GU:s rules for IT Security • Everyone is responsible for the security within their role and function. • Regulations for IT-security are there to support - Rules for use - Information classification - Procurement of systems and system development - Operation and Maintanence - Security Measures for IT equipment and systems http://www.sakerhet.gu.se/
www.gu.s e Information has many shapes
www.gu.s e INFORMATION CLASSIFICATION- the first step is to find the right level of security
www.gu.s e • the classification provides guidance for how information should be managed. • One way to reach ”correct” level of security measures. • All information does not need the same amount of protection Why do we need to classify information?
www.gu.s e Criteria for information classification • Confidentiality refers to the information not being made available or revealed to unauthorised persons. • Integrity refers to the information not being amended or corrupted unintentionally, or by unauthorised persons. • Availability refers to the information being available to authorised users when needed.
www.gu.s e
www.gu.s e Information Classification • Information classification should ensure that the information is assigned an appropriate level of protection. Also consider, the consequences if information would be lost, changed, handled incorrectly or end up in the wrong place. • The owner of the information is responsible for the classification. • A systemowner is responsible for classifying their system • Classification is done by the criteria confidentiality, integrity and availability.
www.gu.s e
www.gu.s e
www.gu.s e How do I protect my information? • Classify your information and decide access rights • Save your information on a server that is in a protected environment • Don’t create your own wireless networks • Protect (lock valuable information when leaving). • Are there strangers in the premises. Say hello! • Consider how printers are placed. Could anyone that is not suitable obtain (or read) the information? • Consider what kind of paper you are throwing in recycle
www.gu.s e The portable information • Do not leave the computer in the car, on the bus and so on. • Working from home? Use VPN or other secure connection. • USB, is EASY to loose and forget • Make sure to backup if you are not connected to the network or central repository. • Travel security: USA can confiscate your machine in customs.
www.gu.s e Peter Larsson Information Security Officer Peter.larsson.2@gu.se Tel 786 4577 http://www.sakerhet.gu.se/
www.gu.s e GU Extrema organisationer Stöld av utrustning mm Ekonomisk brottslighet Utlämnande av personuppgifter Missnöjd anställd/student Spridning av känslig spets- kompetens Utförsel av känslig utrustning Olovlig informations- inhämtning Risker i arbetsmiljö
www.gu.s e Varför risk- och säkerhets- Arbete? Universitetets image Trygg och säker arbetsplats Förvaltare av stora värden Kvalité Kostnadseffektiv Säker uppdrags- tagare Säker Samverkans- partner

Recommandé

xsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Engxsecutive infosec 2015 final Eng
xsecutive infosec 2015 final EngRob Christ
 
Serianu - Data security
Serianu - Data securitySerianu - Data security
Serianu - Data securityMyles Freedman
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp JonesSmith7
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13 UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13 GovConnects
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 

Recommandé

xsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Engxsecutive infosec 2015 final Eng
xsecutive infosec 2015 final EngRob Christ
 
Serianu - Data security
Serianu - Data securitySerianu - Data security
Serianu - Data securityMyles Freedman
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp JonesSmith7
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13 UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13
UMUC GovConnects Roundtable Cybersecurity Workforce Ed 22Nov13 GovConnects
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...JonesSmith7
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebBoyd Neil
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Flight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the LawFlight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the LawSynopsys Software Integrity Group
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationBCC - Solutions for IBM Collaboration Software
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overviewRoy Biakpara, MSc.,CISA,CISSP,CISM,ISO27KLA
 
Presentation2 (2)
Presentation2 (2)Presentation2 (2)
Presentation2 (2)ITNet
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideBlack Duck by Synopsys
 
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best PracticesFuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best PracticesSparkrock
 
Information Security
Information SecurityInformation Security
Information SecurityDhilsath Fathima
 
Harshit security
Harshit securityHarshit security
Harshit securityHarshitGupta435
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are ComingErnest Staats
 
Information security management (bel g. ragad)
Information security management (bel g. ragad)Information security management (bel g. ragad)
Information security management (bel g. ragad)Rois Solihin
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...Aggregage
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityAIS Network
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovEric Vanderburg
 
cybersecurity
cybersecurity cybersecurity
cybersecurity AkshaySajith3
 
it-security.ppt
it-security.pptit-security.ppt
it-security.pptAmanSoni665879
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 

Contenu connexe

Similaire à How do I protect my Research

005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Presentation2 (2)
Presentation2 (2)Presentation2 (2)
Presentation2 (2)ITNet
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideBlack Duck by Synopsys
 
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best PracticesFuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best PracticesSparkrock
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are ComingErnest Staats
 
Information security management (bel g. ragad)
Information security management (bel g. ragad)Information security management (bel g. ragad)
Information security management (bel g. ragad)Rois Solihin
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...Aggregage
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityAIS Network
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovEric Vanderburg
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 

Similaire à How do I protect my Research (20)

005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Flight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the LawFlight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the Law
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overview
 
Presentation2 (2)
Presentation2 (2)Presentation2 (2)
Presentation2 (2)
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
 
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best PracticesFuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
Fuel Good 2018: Is your Nonprofit at Risk? Security and Privacy Best Practices
 
Information Security
Information SecurityInformation Security
Information Security
 
Harshit security
Harshit securityHarshit security
Harshit security
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information Privacy
 
Privacies are Coming
Privacies are ComingPrivacies are Coming
Privacies are Coming
 
Information security management (bel g. ragad)
Information security management (bel g. ragad)Information security management (bel g. ragad)
Information security management (bel g. ragad)
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Grid
 
Managing IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing VulnerabilityManaging IT Risk and Assessing Vulnerability
Managing IT Risk and Assessing Vulnerability
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
 
cybersecurity
cybersecurity cybersecurity
cybersecurity
 
it-security.ppt
it-security.pptit-security.ppt
it-security.ppt
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 

Dernier

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Dust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEDust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEaurabinda banchhor
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxRosabel UA
 
Millenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxMillenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxJanEmmanBrigoli
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 

Dernier (20)

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Dust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSEDust Of Snow By Robert Frost Class-X English CBSE
Dust Of Snow By Robert Frost Class-X English CBSE
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docx
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
Millenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxMillenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 

How do I protect my Research

  • 2. www.gu.s e The Importance of Information Security in our research.
  • 3. www.gu.s e The Importance of Information Security in our research.
  • 4. www.gu.s e The Importance of Information Security in our research.
  • 5. www.gu.s e The Importance of Information Security in our research.
  • 6. www.gu.s e The Importance of Information Security in our research.
  • 7. www.gu.s e The Importance of Information Security in our research.
  • 8. www.gu.s e MSB – Swedish Civil Contingencies Agency Regulations on information security at government authorities (MSBFS 2009:10) it states: • government authorities must apply a management system for information security. • Agencies should work in a ”structured way” • Policies and other governing documents • requirement for authorities to classify their information, • to identify and manage risks, • and to continually evaluate and improve their security. ”Good Information Security” is a tool to comply with rules and regulations
  • 9. www.gu.s e GU:s rules for IT Security • Everyone is responsible for the security within their role and function. • Regulations for IT-security are there to support - Rules for use - Information classification - Procurement of systems and system development - Operation and Maintanence - Security Measures for IT equipment and systems http://www.sakerhet.gu.se/
  • 11. www.gu.s e INFORMATION CLASSIFICATION- the first step is to find the right level of security
  • 12. www.gu.s e • the classification provides guidance for how information should be managed. • One way to reach ”correct” level of security measures. • All information does not need the same amount of protection Why do we need to classify information?
  • 13. www.gu.s e Criteria for information classification • Confidentiality refers to the information not being made available or revealed to unauthorised persons. • Integrity refers to the information not being amended or corrupted unintentionally, or by unauthorised persons. • Availability refers to the information being available to authorised users when needed.
  • 15. www.gu.s e Information Classification • Information classification should ensure that the information is assigned an appropriate level of protection. Also consider, the consequences if information would be lost, changed, handled incorrectly or end up in the wrong place. • The owner of the information is responsible for the classification. • A systemowner is responsible for classifying their system • Classification is done by the criteria confidentiality, integrity and availability.
  • 18. www.gu.s e How do I protect my information? • Classify your information and decide access rights • Save your information on a server that is in a protected environment • Don’t create your own wireless networks • Protect (lock valuable information when leaving). • Are there strangers in the premises. Say hello! • Consider how printers are placed. Could anyone that is not suitable obtain (or read) the information? • Consider what kind of paper you are throwing in recycle
  • 19. www.gu.s e The portable information • Do not leave the computer in the car, on the bus and so on. • Working from home? Use VPN or other secure connection. • USB, is EASY to loose and forget • Make sure to backup if you are not connected to the network or central repository. • Travel security: USA can confiscate your machine in customs.
  • 20. www.gu.s e Peter Larsson Information Security Officer Peter.larsson.2@gu.se Tel 786 4577 http://www.sakerhet.gu.se/
  • 21. www.gu.s e GU Extrema organisationer Stöld av utrustning mm Ekonomisk brottslighet Utlämnande av personuppgifter Missnöjd anställd/student Spridning av känslig spets- kompetens Utförsel av känslig utrustning Olovlig informations- inhämtning Risker i arbetsmiljö
  • 22. www.gu.s e Varför risk- och säkerhets- Arbete? Universitetets image Trygg och säker arbetsplats Förvaltare av stora värden Kvalité Kostnadseffektiv Säker uppdrags- tagare Säker Samverkans- partner

Notes de l'éditeur

  1. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  2. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  3. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  4. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  5. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  6. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  7. Det vi har lyssnat till hittills i eftermiddag rör i mångt och mycket lagar och förordningar som styr vad vi måste tänka på då vi jobbar här på myndigheten GU. Så var kommer informationssäkerheten in i det hela då? Finns det lagar för det också? Det finns föreskrifter. Byt bild.
  8. Bakgrunden till föreskrifterna är att företag och vi medborgare ska känna tillit till hur myndigheter hanterar information och inte minst att samverkande myndigheter ska känna förtroende då vi utbyter information. När det gäller forskningsverksamhet så kan det ju vara så att ni får ta del av sekretessbelagda handlingar t ex från Socialstyrelsen, VGR, Försäkringskassa. De ska kunna lämna ut information till er och känna sig trygga med det. Ett verktyg för att uppfylla andra lagar: PuL säger inget om hur man ska skydda känsliga personuppgifter t ex.
  9. Varför heter det helt plötsligt IT-säkerhet? När vi tog fram reglerna låg fokus på IT- resurserna och begreppet informationssäkerhet var inte lika vedertaget. Vi skulle kunna byta ut rubriken och behålla innehållet. Det jag ska prata om idag som rör regelverket är informationsklassning eftersom det är något som är väldigt viktigt just i forskarvärlden. Ibland kommer jag att säga IT-säkerhet och ibland informationssäkerhet. IT- säk är en väsentlig del av infosäk men inte allt. Det handlar om att skydda information i alla dess former. Jag ska åskådliggöra det med nästa bild.
  10. Vad är information? Det är ett yvigt begrepp men för er så är information detsamma som forskningsdata/ -resultat. Och det kan ju också ta sig många olika former. I digital form på en server, eller någon mera bärbar manick (laptop, telefon). I fysisk form på ett USB, CD etc eller papper. För att inte tala om hur mycket information som finns hos oss medarbetare. Så om vi betänker skillnaden mellan IT- säkerhet och informationssäkerhet så förstår ni att allt detta inte kan skyddas med hjälp av IT-lösningar.
  11. Informationsklassning är ett viktigt led i att skydda en organisations information. Om man inte vet vilket information man har och hur viktig den är för verksamheten så är det svårt att veta hur man ska skydda den. Ni har fått ut riktlinjerna.
  12. Klassningen ger en vägledning hur vi ska hantera informationen: Vilka ska kunna ta del av den, inom och utom organisationen? Hur kan den överföras mellan olika system? Kan jag bära med mig den på en bärbar dator? Alla skyddsåtgärder är kopplade till en prislapp. Viktigt att lägga krutet där det behövs. Jag ska prata mera om vad jag menar med skydd.
  13. Det här är kriterier för informationssäkerhet och det är även krav vid informationsklassning. Konfidentialitet Hur hemligt är något. Riktighet brukar vara extremt viktigt i forskarvärlden. Resultat ska ju inte kunna ifrågasättas. Tillgängligheten brukar alla tycka är viktig men den måste ju ställas i relation till de övriga kraven.
  14. Det måste finnas en informationsägare. Rent praktiskt blir det den som har det övergripande ansvaret för informationen i en funktion. Det här måste man ta ställning till . På en avdelning är det avdelningschefen, i ett projekt är det PL. I många fall kan det vara samma person som är informationsägare och systemägare. Den balansgången måste man klara av bl a med att kunna avgöra vad som är rätt slags information att dela med sig av. Det är forskaren som avgör vad som han vill dela med sig av. Det är bara han som känner till konsekvenserna.
  15. Det här är en gammal rubrik men det skulle lika gärna kunna hända idag. Av den enkla anledningen att har man sin forskning på ett enda ställe och det stjäls då är det borta.
  16. Det samma gäller här. Förutom den personliga tragedin att förlora flera års arbete; i ett större perspektiv så måste man börja om och resultatet kommer inte mänskligheten till gangn på flera år och ”Flera miljoner kronor har satsats”……. Så någon finansiär var nog väldigt missnöjd. Nu har jag ägnat halva tiden åt att skrämmas så det är kanske dags för lite goda råd!
  17. Klassa informationen- fundera över vilka guldägg ni har och vem som har tillgång till dem Skyddad miljö- är en för ändamålet avsedd servermiljö. Det är inte en skrubb eller ett ordinärt kontorsrum. Rent fysiskt så är det ingen bra temperatur där och det är också lätt att stjäla. Egna LAN- Det är inte tillåtet enligt GU:s regler. Finns det en brandvägg där ni sitter kan era LAN bli en väg in bakom den brandväggen. Det är alldels för lätt att sätta upp ett eget trådlöst. Lås in information- Merparten av de stölder som sker här på GU sker på dagtid då vi går på lunch eller fikar. Stoppa undan, lås dörrar och använd wirelås. Och då är vi inne på nästa punkt om främmande personer. Det är inga lodisar som smyger omkring på dagtid. Returpapper- Använd sekretesskärl där du även kan slänga digitala minnesmedia.
  18. VPN- Det finns instruktioner på ITS webbsida eller kontakta 2020. USB- Om ni gjort er infoklassning så vet ni vilken information som inte ska bäras omkring på. Säkerhetskopiering- det här funkar väldigt olika inom GU. I den centrala lagringstjänsten på GU ingår säkerhetskopiering. Men alla är inte anslutna till den. Så ta reda på hur det fungerar hos er. Om det finns en verksamhetsspecifik lagring. Man ska tänka sig för ordentligt innan man använder en molntjänst som säkerhetskopiering. Säkerhetskopiera om du inte har möjlighet att arbeta direkt mot nätverket.