Privacy and Security Awareness Day comes to TRU, along with new campaign
Social media, environmental networking technologies and the university’s own security concerns were in the spotlight during TRU’s first ever Privacy and Security Awareness Day on Feb. 5. Approximately half of the 40 professionals attending the event came from TRU, with the remainder representing the RCMP, Interior Health, B.C. Lottery Corporation and other local organizations.
The event was organized as part of the BC AWARE campaign by ISACA, a non-profit advocacy group for information technology professionals.
TRU’s David Hill, assistant professor of geography, kicked off the day with network technology’s role in environmental sustainability. He argued that a network of connected devices could streamline day-to-day operations of institutions, such as TRU, making them more energy efficient.
“In the near future, the primary producers and consumers of data will be things, not people,” he said.
Hill added that the only missing step to such a system is a lack of trust due to the possibility of privacy and security breaches.
Social media issues also took the stage with Krista Lussier, chair of nursing at TRU, speaking on how to educate people to behave responsibly online. Lussier highlighted a few “near miss” events in which nursing students threatened to discredit the TRU nursing program through inappropriate Facebook and YouTube posts. These events, Lussier said, led to her incorporating social media etiquette into the nursing program as well as the creation of a social media policy.
Lussier added that the common element of all her mentioned complaints was the students’ assumption that their social media accounts were private.
The day continued with a discussion panel of chief information officers (CIOs): Lynette DuJohn from the B.C. Lottery Corporation, Laura-Lea Berna from Camosun College and Brian Mackay from TRU. The topic of discussion was “what keeps us up at night,” with information officers discussing challenges of keeping an institution’s computer systems secure while maintaining efficiency and user-friendliness.
Other panel topics included cloud storage, disaster recovery and preserving freedom of expression in the face of increasingly tight security.
When asked about his worst case scenario for a security breach at TRU, Mackay envisioned a breach that “compromised student information on the enterprise resource planning system.”
Information on TRU’s servers includes student grades, financial information and educational records such as transcripts. Mackay stressed that there is security to protect this information, including off-site back- up storage, but added that errors can occur, such as an incident at UBC last fall that displayed sensitive user information to other users of the student service centre.
Mackay said the best way for students to secure their information is to not share or write down their passwords to myTRU or any other secure service, advice that “can never be broadly communicated enough to students,” he said.
After the formal portion of the seminar, a workshop on smartphone security was provided for TRU staff, and information was provided to students at a table on Student Street. The smartphone “boot camp” allowed TRU IT staff to instruct other staff members on securing their smartphones. Guidelines for securing included, passcode protection, disengaging Bluetooth and how to update a phone’s operating system.