UBC Mathematics: MathNet FAQ [UBC Policy of Security of Personal/Private Information]
Question: What are the policies/procedures for handling personal/private information at UBC?
Author: Joseph Tam, The Ha, Thi Dinh Nguyen, Tony Cung Nguyen
Date: Feb. 10, 2016
Preamble: What's this all about?
The British Columbia Freedom of Information and Protection
of Privacy Act (BC FIPPA) [1] requires public bodies, such as
UBC, to safeguard personal and private information (PPI) that
they process. Some references are provided below on the current
University policies and guidelines available online [2-7]. Over
and above the legal obligations, securing information also
protects the device owner's own personal data.
In summary, reasonable steps must be taken so that personal and
private data
- have proper access control so that only qualified
personnel have access.
- are stored/handled by systems within Canadian borders.
- are reasonably protected from physical access and theft.
Examples of personal and private information (PPI) include
- student numbers, SIN, passport#, employee#, enrolment data
- personal contact information (work contact is not considered PPI)
- identifiable photograph of person
- (see [7] for more examples.)
Examples of practices that contravene BC FIPPA legislation and/or UBC
guidelines:
- forwarding of Email messages to non-Canadian Email
providers (such as Google, Hotmail, Yahoo, etc.) where
PPI of a third party is being communicated.
- storage of PPI data on non-campus cloud storage
service like Dropbox, OneDrive, iCloud, etc. This
applies even if the data being stored is encrypted.
- storage of PPI data on an unencrypted, unsecured (i.e.
not kept in a locked and alarmed area when not in use)
USB memory device.
- working on or storing PPI data on a computer that is not
physically or digitally secured (e.g. a laptop with unencrypted
storage that is not locked/alarmed when not in use).
Over and above the legal requirements, securing all data
on your personal devices can also protect your own personal
information from falling into the hands of people who commit
identity fraud. Even if you don't handle PPI, it's worth
considering securing your data even when you're not legally
obligated to.
References:
[1] http://www.bclaws.ca/Recon/document/ID/freeside/96165_00
    - BC FIPPA legislation.
(References [2]-[5] shamelessly stolen from UBC CS Security Quiz page:
https://www.cs.ubc.ca/survey/security-quiz)
[2] http://universitycounsel.ubc.ca/files/2013/06/policy104.pdf
    - University Policy #104 (Acceptable Use and Security of
      UBC Electronic Information and Systems).
[3] http://cio.ubc.ca/security-standards-home/...
    - University Security Standards for users of IT systems
      (mandatory standards with other resources).
[4] http://universitycounsel.ubc.ca/access-and-privacy/privacy/
    - UBC Access and Privacy Guide for Faculty and Staff.
[5] http://facultystaff.students.ubc.ca/data-security
    - Student Information System (SIS) data security requirements.
[6] security@ubc.ca
    - Email contact to report stolen equipment with private
      information, or data security breaches.
[7] http://universitycounsel.ubc.ca/files/2012/08/Fact-Sheet-What-is-Personal-Information.pdf
    - Examples of Personal Information subject to protection by BC FIPPA.
Strategies to comply with relevant laws and regulations
There are 3 broad strategies to comply with Provincial and
UBC security policies: avoid collecting/storing PPI on personal
devices, use secured facilities such as online University systems,
or encrypt information stored on personal devices.
Avoidance
If you do not require PPI for your work, you can simply
and easily be compliant by removing this data from your
personal computer, and avoid storing or handling this
information on your personal device.
Use University/department secured systems
You may be able to take advantage of online systems offered
by the University or our department to process PPI data, such as
student records. Examples of such systems include:
- University provided Email accessed via mail client.
- online web system and applications used to process
student information, such as SIS or our
MathNet User Services portal.
- University storage services such as Workspace2 or
MathNet ownCloud to distribute PPI data. (If you use
it as a replication tool, you'll still have to secure
the replicated copies.)
Care must be taken that the PPI data remain within
these secured systems, and are not, for example, transferred
to unprotected storage on the user's laptop or other
portable storage device.
For example, our webmail facility will not leave
messages on your remote system, but downloading
attachments onto your desktop may allow unauthorized
parties to gain access to this data should you lose
control of your computer.
Encrypting data stored on personal devices
Encryption of data kept on physically unsecured
devices will protect data should they ever fall into
the possession of unauthorized people, for example,
if a device is stolen or lost.
Encrypting data falls into 3 scopes:
- File level encryption: spreadsheets, documents, etc.
can be encrypted on a file by file basis. Many document
readers (e.g. MS Office suite, Adobe Professional, Zip)
offer a method to password-protect documents.
- Advantage: easy, least invasive, least time
consuming method to install. It will protect
data when communicated over insecure medium
e.g. attached to Email.
- Disadvantage: may leave documents
in unprotected state while being processed
(e.g. temporary unencrypted copies are left while
it is being edited). Not all applications offer
encryption/password protection of documents.
Passwords must be communicated to those who
must also access the data. Passwords must be
used every time the file is accessed by the
application.
Unless you rarely handle PPI data, this method is not
recommended because of the likelihood of leaving
documents in an unsecured state if great care is not taken.
- Volume/directory level encryption: this method
encrypts an entire folder or container of files.
All files within are protected with an encryption key,
usually a password, or in some cases, a USB key.
- Advantage: improvement on file-by-file encryption as all
documents within folder/container are encrypted. Little risk of
disrupting existing applications.
- Disadvantage: requires more set up, still prone to leaving
documents unsecured if documents are moved or copied outside the secured
area, must supply password each time the encrypted volume is mounted
(typically, once per login session).
- Whole disk encryption: this method extends volume/folder encryption
by encompassing the entire storage device (e.g. hard disk). It offers the
most comprehensive protection of sensitive data.
- Advantage: most comprehensive protection of data for personal
devices and minimizes the chances of storing data in an unprotected
state. Many platforms will support it (e.g. recent versions of
Windows, Mac OSX) providing seamless protection.
- Disadvantage: if not offered by native OS, requires more set up.
May require OS upgrade and/or application upgrade. Loss of encryption
key can result in loss of all data and make the device unusable --
some solutions offer key escrow/backup to minimize this problem.
Installation/conversion can take a very long time, including the
time to back up existing data (a recommended procedure). May not
work with multi-boot systems.
Volume/Disk level encryption solutions
These are some of the solutions you can use if you need
to store sensitive or personal/private data on your personal
workstation/laptop.
- BitLocker
- Type: whole disk encryption
- Platforms: Windows Vista, 7, 8, 10 (works best with Windows 10 + TPM)
- Advantages:
- native OS support, seamless operation
- (Windows10) takes advantage of available TPM chip
- recommended choice for Windows10 system (or those
that want to upgrade to Windows 10).
- Disadvantages:
- recovery keys must be backed up
- (Windows7) requires USB key for booting
- if upgraded to Windows10 to take full advantage of
BitLocker, may break some pre-existing applications.
- References:
- FileVault
- Type: whole disk encryption
- Platforms: MacOSX >=10.7 (FileVault2), MacOSX <10.7 (FileVault)
- Advantages:
- native OS support, seamless operation
- recommended choice if key escrow/auditing not required
- Disadvantages:
- older FileVault may be flaky(?)
- References:
- McAfee Endpoint Encryption
- Type: whole disk encryption
- Platforms:
- Windows Server 2003 SP1
- Windows Server 2008
- Windows XP Professional SP3
- Windows Vista SP1
- Windows 7 and SP1, Enterprise and Ultimate
- Windows 8 and 8.1, Enterprise and Professional
- MacOSX (>10.7.0)
- Advantages:
- offered free by UBC
- key escrow service to recover lost keys
- uses native OS protection when possible
- support for older platforms
- Disadvantages:
- no Linux support
- installation requires backup for safety
- References:
- VeraCrypt (forked from TrueCrypt)
- Type: volume encryption
- Platforms:
- Windows (>XP)
- MacOSX (>10.6)
- Linux x86 (kernel >=2.6)
- Advantages:
- cross-platform compatibility: works on all 3
major platforms. A volume can be copied to another system
and opened there, which makes it well suited to backing up
encrypted volumes without losing protection.
- Supports older OS
- Open source, wide distribution.
- Disadvantages:
- does not protect entire disk: care must be used to place
all PPI data within encrypted volume.
- must manually mount volume whenever you log in
- References:
- dm-crypt/LUKS
- Type: volume or near whole disk encryption
- Platforms: Linux
- Advantages:
- Disadvantages:
- does not support alternate boot OS
- requires some technical expertise to install
- References:
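The volume/directory and VeraCrypt/LUKS entries above share one caveat: a document copied out of the encrypted volume (to /tmp, a USB stick, the desktop) silently loses its protection. The following check, added here as an illustration and not part of the original FAQ or any of the listed products, reports whether a path sits on a dm-crypt/LUKS-backed mount on Linux by combining /proc/mounts with the kernel's /sys/block/dm-N/dm/uuid tag; the sample mount table, device names and file paths are constructed so it runs offline.

```python
import os
from typing import Dict, List, Optional, Tuple

# Constructed sample of /proc/mounts: device, mount point, fs type, options.
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/mapper/ppi_vault /home/user/ppi ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid 0 0
/dev/sdb1 /media/usb\\040stick vfat rw,nosuid,nodev 0 0
"""

# Constructed map device -> contents of /sys/block/dm-N/dm/uuid. The kernel
# tags dm-crypt mappings opened from a LUKS header with a CRYPT-LUKS* prefix.
SAMPLE_DM_UUID = {"/dev/mapper/ppi_vault": "CRYPT-LUKS2-0123456789abcdef-ppi_vault"}

def parse_mounts(text: str) -> List[Tuple[str, str, str]]:
    """Parse /proc/mounts text into (device, mount point, fs type); spaces are \\040."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3:
            rows.append((parts[0], parts[1].replace("\\040", " "), parts[2]))
    return rows

def mount_for(path: str, mounts) -> Optional[Tuple[str, str, str]]:
    """Longest-prefix match: the mount that actually holds `path`."""
    path = os.path.normpath(path)
    hits = [m for m in mounts if path == m[1] or path.startswith(m[1].rstrip("/") + "/")]
    return max(hits, key=lambda m: len(m[1])) if hits else None

def is_on_encrypted_volume(path: str, mounts, dm_uuid: Dict[str, str]) -> bool:
    """True only if the backing device is a dm-crypt mapping (LUKS or plain)."""
    mnt = mount_for(path, mounts)
    return mnt is not None and dm_uuid.get(mnt[0], "").startswith("CRYPT-")

def unprotected_copies(paths, mounts, dm_uuid) -> List[str]:
    """Paths that have drifted outside any dm-crypt volume (e.g. /tmp, a USB stick)."""
    return [p for p in paths if not is_on_encrypted_volume(p, mounts, dm_uuid)]

def live_state():
    """Read the real tables on a Linux host; non-dm devices have no dm/uuid file."""
    with open("/proc/mounts") as f:
        mounts = parse_mounts(f.read())
    dm_uuid = {}
    for dev, _, _ in mounts:
        uuid_file = f"/sys/block/{os.path.basename(os.path.realpath(dev))}/dm/uuid"
        if os.path.exists(uuid_file):
            dm_uuid[dev] = open(uuid_file).read().strip()
    return mounts, dm_uuid
```

On a real laptop, `unprotected_copies(paths, *live_state())` over the files you handle PPI in lists those that need to be moved back inside the encrypted volume; a BitLocker, FileVault or whole-disk LUKS setup avoids the problem because every mount is covered.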