Recently in Privacy and Security Category
The Office of Information Technology will be making changes to the wireless network at the University of Minnesota.
Update your wireless configuration to avoid interruption.
This applies to UMTC, UMR, and some extension sites. Those who use the U of M Secure wireless network on the Twin Cities campus will need to make a slight configuration change to continue connecting to the network. In February, OIT engineers are installing a new security certificate, used to authenticate the network, "wireless.netaccess.umn.edu." This means users must change their computer configuration settings to "trust" the "AddTrust External CA Root" certificate authority. After February, users may remove trust configurations for the previously used "Thawte Premium Server CA" certificate authority. For help configuring your computer, see wireless setup guides. For help, call 1-HELP, or see OIT support.
There is a certificate on the jabber server. Most likely, this certificate expired as it has to be certified at least once a year. Once the server administrators from OIT controlling the Jabber server renew the certificate, the problem should be resolved and the behavior listed will no longer happen.
We have put much effort into configuring OIP servers, workstations and laptops to be as safe as possible and yet accessible as needed. Below is an email from Steve Cawley, Chief Information Officer for the University of Minnesota:
The number one way to avoid having to deal with the new [data security] law is to store as little legally protected information as possible, centralize the private data that is needed as much as possible, and maintain a high level of security for the private data. Social security numbers, patient information, private student data, etc should be stored on servers that are well-secured, with as little private information as possible on personal computers and portable devices. It is easier to concentrate limited resources on securing a few servers as opposed to many computers throughout your unit(s).
Review the list of private data. If you currently store any items, move them to a server and remove them from your workstation. Private data may be in Word documents, email and email attachments, databases and spreadsheets.
The OIP File Server, OIP FileMaker Database Server, and PeopleSoft are the only places these items should be stored. If you have a business reason to store these items locally, contact oiptech and we'll find a way to secure them.
Examples of Private Data
- Social security number
- Trade secrets or intellectual property such as research activities
- Birth date
- Home phone number
- Home address
- Health information
- Student grades
- Location of assets
- Parking leases
- Anonymous donors
- Citizen visa code
- Veteran and disability status
- Linking a person with the subject about which the library user has requested information or materials
- Non-directory Student Information may not be released except under certain prescribed conditions. Non-releasable information includes:
- Courses taken
- Test scores
- Advising records
- Educational services received
- Disciplinary actions
- Credit card numbers
Another message from Steve Cawley:
A laptop computer or other portable device such as a Personal Digital Assistant (PDA) is very susceptible to loss and theft and, in fact, so susceptible that staff should assume that it will be lost or stolen. Storing private data elsewhere such as on a server or not storing it at all if the data is no longer needed, is a much better choice.
For the full standard on securing data at the University of Minnesota, visit http://www1.umn.edu/oit/security/privatedata.html
Submit a ticket
8am-4:30pm Mon-Fri or by appointment