Main Nav

Please join us today from 1-2 pm EST for the final Data Privacy Month webinar with Matt Ivester.
 
Go to the Adobe Connect website: https://educause.adobeconnect.com/eduweb, select "Enter as a Guest" and enter your name in the "Name" field.
 
lol…OMG!: What Everyone Needs to Know About Online Reputation Management
Speaker: Matt Ivester, founder of JuicyCampus and author of lol...OMG!
Moderator: Merri Beth Lavagnino, Chief Privacy Officer and Compliance Coordinator, Indiana University
 
The ease with which digital content can be shared online, in addition to its many benefits, has created a host of problems for today’s high school and college students. All too often, students are uploading, updating, posting and publishing without giving a second thought to who might see their content or how it might be perceived. Ivester will provide a cautionary look at the many ways that today’s students are experiencing the unanticipated negative consequences of their digital decisions – from lost job opportunities and denied college and graduate school admissions to full-blown national scandals. He will be using real-life case studies and offering actionable strategies and best practices that empower students to clean up and maintain a positive online presence.
 
Technical requirements and additional resources are available at: http://www.educause.edu/policy/dataprivacy
 
Hope to see you there!
Valerie
_______________
 
Valerie M. Vogel
Program Manager, EDUCAUSE
office: (202) 331-5374
_______________
 
 
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

AttachmentSize
Picture_(Device_Independent_Bitmap)_1.jpg4.98 KB

Comments

We need to transfer large volume of data centre data to off-site colo back up facility, one of the requirements is that we need to encrypt the data before sending them out of our premises, or another interpretation could be we cannot send non-encrypted data centre data over ISP networks.

I believe some of you could have done something similar already, could you shed some lights here? thanks.
 
--
Leo Song, Senior Analyst & Cluster Lead
Computing and Communication Services - Networking and Security
University of Guelph
(519) 824-4120 x 53181


Message from nxg13@psu.edu

Ok, I’ll bite… and maybe start the discussion.

 

So, from a theoretical standpoint, I guess the question is about what are you trying to accomplish – remote backup-tape replacement or full featured offsite storage?

 

If you want the backup data to simply be stored at rest at the colo facility, and you don’t “trust” or don’t want to have to verify that the colo facility hasn’t lost your confidential data to some hack… then I think you’d want to encrypt before you transmit it.

 

I think you’re talking about a straight-forward offsite backup.  That will require that your backup software does the encryption before transmission.  If you do that, then encryption of the communications channel may be redundant.

 

If you want the data to be usable at the colo facility (like having the ability to search the backup remotely), then you may not want to encrypt before transmitting.  You should, however, use an encrypted transmission mechanism (like SSL) to ensure that the data cannot be snooped on by third parties between your site and the colo site.

 

However, this means that the data will sit at rest in an unencrypted format (so that it can be useful to you at the remote site.  That may require that you audit the system it resides on the same way you would if it were local.  Depending on your colo facility agreement, you may or may not be able to do that effectively.  Even if the colo facility says they will do all of the IDS and monitoring and such, your agreement with the colo facility may not mitigate your risks or reduce your legal responsibilities.  What happens if the colo facility has a cyber event (hack/break-in/etc) and your data is compromised?  Are they responsible for your mitigation costs?  Do they pay the regulatory fines (HIPAA/FERPA or your country’s equivalents)?  The agreement you have with the colo facility should be reviewed by competent counsel (attorneys with a good understanding of technology and the laws for your business type in your jurisdiction for privacy, confidentiality, etc.) to ensure that the risks that you’re taking are well understood.

 

So, I guess I’m saying that if you’re using your colo facility as a “backup tape replacement”, then encrypt the data before it goes out, otherwise, encrypt in transit.

 

---

Nick Giacobe

Research Technologist V and Ph.D Candidate

College of Information Sciences and Technology

Penn State University

101 Information Sciences and Technology Building

University Park, PA 16802

 

Message from valdis.kletnieks@vt.edu

On Thu, 11 Oct 2012 16:19:00 -0400, leo song said: > We need to transfer large volume of data centre data For what definition of "large"? Gigabytes? Terabytes? Petabytes? And what are the timing constraints? There's a big difference between "one-time copy of 15 terabytes that can run another 6 hours without breaking anything" and "we need to move 15T in 4 hours every night to meet an audit requirement".
No, not one time, rather constant data flow. I am not a storage folk so I don't have the accurate estimation of the data volume, but since they are data centre data so the TB will be appropriate scale.

I was asked to evaluate the VPN option, but I am hoping there are someone here doing the data encryption not at network layer, for example, if you are using NetApp, can NetApp encrypt the data blocks before sending them to the network, rather than letting VPN appliance to encrypt data  packets by packets?

Leo Song, Senior Analyst & Cluster Lead
Computing and Communication Services - Networking and Security
University of Guelph
(519) 824-4120 x 53181

From: "Valdis Kletnieks" <Valdis.Kletnieks@VT.EDU>
To: SECURITY@LISTSERV.EDUCAUSE.EDU
Sent: Friday, 12 October, 2012 4:30:42 PM
Subject: Re: [SECURITY] Data Transfer Accross Data Centres

On Thu, 11 Oct 2012 16:19:00 -0400, leo song said:

> We need to transfer large volume of data centre data

For what definition of "large"? Gigabytes? Terabytes? Petabytes?  And what
are the timing constraints?  There's a big difference between "one-time copy
of 15 terabytes that can run another 6 hours without breaking anything" and
"we need to move 15T in 4 hours every night to meet an audit requirement".
Message from lazerwit@yu.edu

This may be something to look into.  Extending the data center to the colo site

 

http://www.certesnetworks.com/securitysolutions/data-center-security.html

 

Regards,

 

Ian

 

Ian Lazerwitz, MBA, GSEC

Information Security Manager

Information Technology Services

Phone 212-960-0140

Cell 347-266-4661

InfoSec@YU.edu

Keep Your Account Safe – ITS Will Never Ask for Your Password

 

Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.