Data Privacy Policy
- Network security requirements
All client data should be stored in Center for Leadership Server Data Centers. All terminals must access this system through a secured connection. Data Centers should be dedicated to the single purpose of processing or storing of information. Server systems in Data Center should not be removed from the secure room(s) unless any storage disks in the system have been properly cleaned by overwriting all areas where any sensitive information could have been stored or physically destroyed. All administrative functions on the server systems or applications that access server information must be logged. The logs should include the identity of the user, the time and the command executed. Logs recording administrative functions on servers in Center for Leadership Data Center should be reviewed daily to determine if the systems are under attack and that the users are following the documented access practices. Server Systems in Center for Leadership Data Center connected to any network should run host-based firewalls configured to block all connections to the system other than the specific connections needed to perform the approved research tasks.
- Operational requirements
All media (including magnetic media such as portable disk or thumb drives and non-magnetic media such as optical disks or paper) containing sensitive information should be encrypted or locked in a safe, which is in a physically secure room, when not actually in use. All media (including non-magnetic media) containing sensitive information must not be removed from the secure room unless following a procedure that has been authorized by the IT head.
- System security requirements
Generic accounts on systems should be disabled. Default passwords on systems should be changed before systems are put into use. A mechanism should be in use on servers to inhibit attackers guessing passwords. A mechanism should be in use on servers or clients to block access to idle sessions.
- Data access requirements
Users should only have access to the confidential information through their individually assigned (non-shared) user accounts. Only the applications that are actually required to support the services used in the projects can be running on the servers. Servers should enforce standard password complexity rules. A minimum password length of 12 to 14. Password should not contain username. Password should contain a mix of number, special symbol and letters. Password must have at least one Capital case letter. The confidential information must be encrypted when it traverses any network outside of the security room(s). All client data should be shared via secured ftp connection only (unless client desires otherwise). Servers and the applications should be designed so that passwords cannot be retrieved by anyone (including system administrators). This includes a mechanism to ensure that any assigned passwords are changed on initial use. Interactive access to servers should be logged. The logs should include the identity of the user, the time and the function (login or logout). Users' access to data or servers must be removed if they no longer have a reason to access the information. Any confidential information is not permitted to be stored on any user computer or portable computing device (e.g. laptop, PDA, or smart phone). Backup drives containing the confidential information should be encrypted. All electronic records containing the confidential information should be properly disposed of by overwriting the information. Old or broken disk storage drives that were used to store the confidential information should be properly disposed of by physical destruction or overwriting the information.
- Collecting Sensitive information
Collection of sensitive information while in the field must adhere to strict security protocols. The protocol(s) to be used must be approved by the IT head. Some examples include: Computer based collection of sensitive information in the field may only be done by saving the collected information to an encrypted disk or an encrypted thumb drive. The information should be transferred to a secure server as soon as practical. All sensitive data must not be decrypted until they are on the server system in the data center. Sensitive information must be promptly removed from the computer used to collect this information once the transfer has been completed and verified.