Protect confidential information, including all patient information.
There's no excuse for being lax, when it comes to "good computing practices."
Your Account is Only As Secure As Its Password
-
Don't let others watch you log in.
-
At home change your password often.
-
Don't write your password on a post-it note.
-
Don't attach it to your video monitor or under the keyboard.
Password Construction
-
It can't be obvious or exist in a dictionary.
-
Every word in a dictionary can be tried within minutes.
-
Don't use a password that has any obvious significance to you.
UCSDHC / UCSDHS Password Standard
-
Eight character minimum and should contain at least one of each of the following characters:
-
Uppercase letters (A-Z)
-
Lowercase letters (a-z)
-
Numbers (0-9)
-
Punctuation marks (!@#$%^&*()_+=-)
-
Some systems have limitations
Password Construction
-
Pick a sentence that reminds you of the password. For example:
-
If my car makes it through 2 semesters, I'll be lucky: imcmit2s,lbl
-
Only Bill Gates could afford this $70.00 textbook: oBGcat#7t
-
Just what I need, another dumb thing to remember!: Jw1n,adttr!
Password Construction: Vanity Plate
-
I feel great: if33lgr8!
-
Dance of the red shoes: RED,$hoes$
-
Dolphins Fan: d0lf1n'sfan
Password Construction: Compound Words
-
Used every day and are easy to remember.
-
Spice them up with numbers /special characters.
-
Mis-spell one or both of the words and you'll get a great password.
-
Friendship: Fr13nd+sh1p
-
Lifelong: L!f3l0ng
-
Teddybear: T3ddy^Bare
Take Precautions with Physical Security of Devices
Back-up Important/Original Data Files & Programs
-
When possible, save all work to the network drive
-
If you store original data on local drives/laptops, you are responsible for creating back-up disks
-
Store back-up disks off-site and in a secure location protected from theft and environmental risks
-
Password protect or encrypt the back-up disk
Report Security Incidents/Breach
-
Such as: Lost or stolen computer; network hacked
-
Healthcare:'619-543-2145;
-
UCSD Hot Line: 1-877-319-0265
-
Campus Security: security@ucsd.edu
|
Should You Open the E-mail Attachment?
-
If it's suspicious, don't open or reply to it! Delete it!
-
What is suspicious?
-
Not work-related
-
Attachments not expected
-
Attachments with a suspicious file extension(*.exe, *.vbs, *.bin, *.com, *.scr,*.pif)
-
Web link
-
Unusual topic lines; "Your car?" "Oh! Nice Pic!" "Family Update!" "Very Funny!"
When sending confidential information by E-mail
-
Confirm the recipient's address
-
Use the confidential message footer
-
Encrypt it , if possible
Anything done under your log-in is your responsibility!
-
Log off when you leave a workstation
-
Do not share log-ins, User IDs or your password
-
IS support staff can help when there is a problem logging in. Call 3-HELP!'Don't log in for others' use
-
Use auto log-off (@ 15-minutes) and password protected screen-savers when possible
-
Access only the "minimum necessary" information needed to do your job.
Protect against viruses and worms
-
Use a virus scanner and keep it updated
-
Use a firewall when connecting to the internet
-
Don't install unlicensed software
-
Don't install something you are not sure of
-
Be careful about what internet sites you visit
Encrypt files on portable devices
-
Laptops, PDAs, memory sticks.
-
Laptop theft is our #1 risk!
-
Use the encryption capabilities built into your operating system or buy an encryption program.
-
Back-up original data files / programs.
-
Better yet, avoid keeping ePHI and other confidential information on your portable device, memory cards or PDAs if at all possible.
Wipe drives before getting rid of computer equipment
-
Simple erasure is not enough. Degauss the device.
-
Contact IS before recycling unneeded computers, or use "DiskWipe" software.
|
Questions? Call the UCSDHC Information Security Help Desk (619-543-7474) or (3-HELP).
|
Resources:
Information Security Awareness Powerpoint Presentation  - [177 kb]
Privacy Standards Powerpoint Presentation - [397 kb]
|
