Month: January 2013

Around the Water Cooler


Ever wonder what privacy officers in higher education think about?  Here’s your opportunity to find out.  Today EDUCAUSE is hosting its final webinar of Data Privacy Month entitled, “Privacy Officers Around the Virtual Watercooler.”  Join 3 of my amazing colleagues from around the country as they discuss current privacy challenges on campus: Merri Beth Lavagnino of Indiana UniversityJane Rosenthal of University of Kansas and Kent Wada of UCLA.

Event Details

  • Date: January 30, 2013
  • Time: 1:00–2:00 p.m. (ET)

To join this webinar, simply go to the Adobe Connect  website: and select “Enter as a Guest.”

Feeling Social?

social networking
Photo credit–Security Office at the University of Arizona. Click on the graphic for more social networking privacy & data security tips from our peers in Arizona.

During this last week of Data Privacy Month (can you believe that January is almost over???), we are focusing on social networking.  Websites and Apps such as Facebook, Twitter, LinkedIn and others have become an integral part of the social and professional lives of many of us.  It is easy to connect with friends and colleagues, and to network and find new opportunities.  It is important to remember, however, that creating an online presence can create a reputation, for the positive or the negative.  It can also lead companies and advertisers to know your buying history, or identity thieves to figure out your passwords, credit card data and other sensitive information.

Here are some things to consider when engaging in social networking and sharing information about yourself online:

  • Think about what you share online on a typical day.  Do you really know what you are sharing and with whom?  Do you know how others might be using your information or collecting data about you?  (On that note, check out this article in this month’s Travel + Leisure Magazine!)
  • Once posted, always posted:   Assume that what you post (or what others post about you!) is permanent.  Think twice before posting pictures you wouldn’t want your parents or grandparents to see!
  • Protect your reputation on social networks.  Would you want a future employer to see that picture or know what you posted to a website?  Many employers and job recruiters run searches of applicants and future employees on search engines and social networking websites.  Take charge of your overall online reputation.
  • Know and manage your online “Friends.”  Be cautious of accepting a ”friend request” from people that you do not know.  Be wary of folks who may post photos or information about you that you might not want posted.
  • Be sure to review and update your privacy settings on a regular basis.  Social networking sites are known to change their privacy settings, privacy practices and terms of use, so keep up to date on what those networks are doing with data, and what your privacy options are.
  • Be cautious about clicking on ads on social networking sites and links posted by friends.  Many companies use social network advertising for data tracking and behavioral targeting.
  • More information about keeping a clean presence online while social networking can be found at

Happy Data Privacy Day!

Below is a press release from the National Cyber Security Alliance (NCSA) about Data Privacy Day and events happening today around the world and online.  If you are interested, NSCA and others are sponsoring a colloquium in Washington, D.C. that is being streamed live on Facebook this morning and should be available later for replay.


Celebrate Data Privacy Day Today and Focus on Personal Data Protection Year-Round

WASHINGTON, DC, January 28, 2013 – The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, is officially kicking-off Data Privacy Day today along with Federal Trade Commissioner Maureen Ohlhausen and other privacy and security experts from AT&T, Facebook, Intel, MasterCard, Microsoft and the federal government during a forum at The George Washington University Law School from 8-11:30 a.m. ET. The event will be broadcast via Facebook Live from 8:30-11:30 a.m. ET at:

The forum will explore respecting privacy, safeguarding data, privacy innovation and the implications for personal information in the digital age and the mobile environment. Daniel Solove, John Marshall Harlan Research Professor of Law at The George Washington University School of Law is the host of the event.

Data Privacy Day is celebrated across the United States, Canada, Council of Europe member countries, and a host of other countries across the globe. The day constitutes an international collaboration and nationwide effort to educate and raise awareness about data privacy, stewardship of data and protecting the privacy of personal information.

For the past five years, the U.S. Senate has designated January 28th as National Data Privacy Day.  Again this year, U.S. Senator Jay Rockefeller (D-West Virginia) is sponsoring a Senate resolution to encourage more people nationwide to be aware of data privacy and take all necessary steps to prevent data loss and respect privacy. The resolution calls on state and local governments, educators, privacy professionals, and corporations to observe the day with appropriate activities and initiatives that raise awareness about data privacy protection.

“Data Privacy Day highlights a year-round effort for all of us to improve measures to protect our personal data,” said Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA). “We want all digital citizens to feel like they have a choice in how their data is being collected, stored, and consumed and that starts with being educated about the privacy policies of online companies and Web properties. As society increasingly becomes more wired, it’s imperative we understand how to best protect our data.”

To mark Data Privacy Day 2013, Microsoft Corp. has also released new data reflecting consumers’ perceptions about how their information is used online. A main finding of the survey, which polled 1,000 American adults, is that forty-five percent said they have little or no control over the personal information companies gather about them while they are browsing the Web or using online services – such as photo-sharing, travel or gaming. More information about the survey and a series of short videos called “Privacy in Action” is available at:

Also in conjunction with Data Privacy Day, an updated edition of the best-selling digital citizenship book lol…OMG!, by Matt Ivester, tailored specially for high school students will be available for FREE download from Amazon until 11:59 p.m. PT on January 29th. lol…OMG! empowers students to clean up and maintain a positive online presence and to become responsible digital citizens. Intel and Reed Elsevier are underwriting the promotion. The free download of the book is available at:

For anyone interested in getting involved with Data Privacy Day in other ways, the Web portal offers tips and resources for parents, teachers, educators, businesses and others at: Keep pace of Data Privacy Day happenings on Facebook and Twitter at: and and the DPD Twitter hashtag is #DPD13.

About Data Privacy Day

Led by the National Cyber Security Alliance, Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The Day commemorates the 1981 signing of Convention 108 – the first legally binding international treaty dealing with privacy and data protection.  Intel is a Platinum sponsor of Data Privacy Day. Gold sponsors include AT&T, Facebook, Microsoft and Google. Intuit, MasterCard and The George Washington University Law School are Silver sponsors and is a Small Business Sponsor.

Just what is this “Data Privacy Day” thing anyhow?



Happy Data Privacy Day everyone!  In basically all of my recent posts, I have focused on Data Privacy Month and referenced Data Privacy Day.  So just what is this “Data Privacy Day” thing and where did it come from?  Data Privacy Day is an international initiative led by the National Cyber Security Alliance, a non-profit, public private partnership focused on cyber security education for online citizens across the world.   Data Privacy Day began in the United States and Canada in January 2008.  However, it was celebrated long before that as Data Protection Day in Europe.  The Data Privacy Day (and its predecessor Data Protection Day) commemorates the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.  It is celebrated annually on January 28th around the world.  Extensive information about Data Privacy Day itself, and events being held regionally, in the U.S. and worldwide can be found on NSCA’s Official Data Privacy Day website.



lolOMGbook         .lolOMGhs

This just in…

In honor of Data Privacy Day 2013, Matt Ivester’s digital citizenship book, lol…OMG!, is available to download (for Kindle) for FREE on Amazon between January 25-29. Ivester is an interesting guy, and comes at this stuff from a unique perspective.

Here’s  some more info about the book and the author.

(P.S., It is the High School edition that is free this go around.  Last year they offered the original book, aimed at the college-aged population.  I’m guessing its a good read either way!)


Cloud Computing and File Sharing

cloud computing
(graphic borrowed from


This week, we are focusing on Cloud Computing and File Sharing. Though there are different types of clouds, practically everyone who uses a computer uses “The Cloud” in some way or another. But do you really know how the cloud works?  Sending information via email and over the internet may be useful when you need to share or access something quickly.  However, if you do not share or access that information in a secure manner, what seemed quick and convenient could cause you or the subject of the information a huge headache if that information is intercepted to gets into the wrong hands.  Here are some things to consider when sending personal or sensitive information electronically both at UConn and in your personal life:

Cloud security tips

 It’s the little things that count. Take the proper precautions by adopting easy proactive security habits and it will go a long way in safeguarding your personal data on the cloud.

UConn resources for file sharing

We live in a fast paced world that has faced paced problems. With the click of a mouse, enormous amounts of data can be compromised in an instant.  Often times, email is not a secure method by which to transfer data or information.  Luckily, UConn does have some easy to use resources for you that are also secure.  The UITS Information Security Office recommends that you use a tool called “File Locker” to use when transmitting sensitive information.   File Locker is a web-based application that allows UConn faculty, staff, and students to securely send or temporarily store sensitive files.   Visit to learn more.

UConn resources for detecting insecure data at work and at home

We’re human, we make mistakes and it’s a part of life, right? We also have the ability to catch our mistakes. UITS has implemented a tool called “Identity Finder “that you can run on your work and personal computer to detect unsecure sensitive information such as banking numbers, credit card numbers, and social security numbers, thus catching our storage errors. The software scans your computer for these risks and gives you the option to securely “shred” or quarantine unsafe data on your computer. Identity Finder will even scan your outlook mail for content that shouldn’t be there.

UConn resources for cloud data storage

One cloud-based data storage option UConn offers is a tool called IBM File Net.  IBM File Net is an Enterprise Content/Document Management System and is available as a tool for data storage and management. More about IBM File Net and its various benefits can be found at this DailyDigest entry.

Have you installed Identity Finder yet?



In my post from January 14, 2013 below I included a section on protecting your personal information, as well as resources for protecting sensitive University data. To follow up on that post, I wanted to share a reminder tip that was posted earlier today by the UConn Information Security Office (ISO) on its two Facebook pages (UConnISO and UConn HuskyHunt):

Privacy Month Tip #13 – Protect Your Data, and here’s how….
As part of the secureU initiative, the University of Connecticut has partnered up with Identity Finder,LLC to bring the Identity Finder software to all faculty, staff, and students of the University of Connecticut free of charge!

Identity Finder is a special software that gives users the ability to find and protect sensitive data on their computer(s), helping to prevent data loss and identity theft. Identity Finder reduces the risk of data leakage and identity theft by discovering and securing sensitive information across computers. Built-in tools are included to shred, scrub, secure and quarantine vulnerable data in order to protect University of Connecticut constituents from data loss caused by spyware, viruses, lost laptops, and hackers.

For UConn employees and students, if you haven’t already done so, visit UConn’s Identity Finder website and install the software on your UConn-issued computer.  There is also an option to install the software on your personal computer too.  You should strongly consider doing so.  You will be amazed at what you find that you have stored there that you forgot about!

Piloting a National Privacy Infrastructure

The Identity Ecosystem


As I noted in previous posts, in honor of Data Privacy Month, EDUCAUSE is offering several webinars that are free and open to the higher education community.  We welcome you to participate. Here is some information about this week’s webinar:

Scalable Privacy: An NSTIC Grant for the Identity Ecosystem

Wednesday, January 16, 2013 (1-2 pm EST) with Ken Klingenstein (Director, Middleware Initiative, Internet2)

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) recently announced more than $9 million in grant awards to support the National Strategy for Trusted Identities in Cyberspace (NSTIC).  Under the grant, provided by NIST through the National Strategy for Trusted Identities in Cyberspace, Internet2 and partner campuses will build this infrastructure through common attributes, user-effective privacy managers, anonymous credentials, and the InCommon Federation.

Five U.S. organizations will pilot identity solutions that increase confidence in online transactions, prevent identity theft, and provide individuals with more control over how they share their personal information.

Learn more about this initiative to build a consistent and robust privacy infrastructure for the higher ed community by participating in this webinar.  You can also click here for more information on NSTIC and the Identity Ecosystem initiatives and grants.