iCIS Intra Wiki
categories: Info - Support - Software - Hardware | AllPages - uncategorized
Difference between revisions of "Data Protection Policy"
(16 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
This page contains a basic overview of information from the Radboud University [http://www.ru.nl/privacy/english/ Privacy & Security ] website. | This page contains a basic overview of information from the Radboud University [http://www.ru.nl/privacy/english/ Privacy & Security ] website. | ||
− | == Information security | + | == Information security == |
Source: https://www.ru.nl/ict-uk/general/securing-your-information/ | Source: https://www.ru.nl/ict-uk/general/securing-your-information/ | ||
Line 20: | Line 20: | ||
View also [[#Security_Do.27s | other simple to-do's to guarantee your online privacy and protect your data]]. | View also [[#Security_Do.27s | other simple to-do's to guarantee your online privacy and protect your data]]. | ||
− | |||
− | |||
== Personal Data Protection Act == | == Personal Data Protection Act == | ||
Line 27: | Line 25: | ||
Source: https://www.ru.nl/privacy/english/protection-personal-data/personal-data/ | Source: https://www.ru.nl/privacy/english/protection-personal-data/personal-data/ | ||
− | Every person has a right to privacy and careful handling of his or her personal data. The Personal Data Protection Act specifies how personal data should be processed and automated. Personal data must, for example, be protected against loss and unlawful processing. Also, companies and organisations are only allowed to store data for a legitimate aim and not longer than necessary. | + | '''Question:''' What data is considered Personal data? |
+ | |||
+ | '''Answer:''' Roughly, personal data means data that can be traced to an individual, such as name, IP address, telephone number, employee or student number, study results or your bank account number. | ||
+ | |||
+ | Every person has a right to privacy and careful handling of his or her personal data. '''The Personal Data Protection Act''' specifies how '''personal data''' should be processed and automated. Personal data must, for example, be protected against loss and unlawful processing. Also, companies and organisations are only allowed to store data for a legitimate aim and not longer than necessary. | ||
4 guidelines for dealing with personal data | 4 guidelines for dealing with personal data | ||
Line 36: | Line 38: | ||
* Be transparent when collecting personal data en tell for what purpose you collect them. | * Be transparent when collecting personal data en tell for what purpose you collect them. | ||
* Make sure the collected personal data are well secured. | * Make sure the collected personal data are well secured. | ||
+ | |||
+ | More information can be found on | ||
− | + | * [http://www.ru.nl/privacy/english/ the Privacy- and security website of Radboud University]. | |
− | + | * [https://www.ru.nl/en/staff/services/campus-facilities/work-and-study-support-services/ict/security/privacy-and-using-personal-information Privacy and using personal information ] | |
− | + | * [https://www.ru.nl/en/staff/services/campus-facilities-buildings/ict/reporting-a-data-breach-or-security-incident Reporting a data breach or security incident] | |
− | + | * [https://www.ru.nl/en/regulations/personal-data-protection-regulations Personal Data Protection Regulations] | |
== Data Storage Policy == | == Data Storage Policy == | ||
− | Source: | + | Source: https://www.ru.nl/en/staff/services/campus-facilities-buildings/ict/security/sharing-and-storing-files-safely |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | When sharing documents (working together) the only safe way you can do this is either by using Workgroup folders (network shares) or | |
− | + | Microsoft Teams (cloud storage). | |
− | |||
For information about howto encrypt your files or your whole pc/laptop look at this wiki page about [[Encryption | Encryption]]. | For information about howto encrypt your files or your whole pc/laptop look at this wiki page about [[Encryption | Encryption]]. | ||
− | + | '''RU POLICY: laptops must be encrypted!!''' | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Security Do's == | == Security Do's == | ||
Line 125: | Line 67: | ||
# Encrypt your USB-stick or external hard drive | # Encrypt your USB-stick or external hard drive | ||
# Encrypt sensitive files | # Encrypt sensitive files | ||
− | # Use workgroup folders for working on documents with colleagues from other departments | + | # Use [https://www.ru.nl/en/staff/services/campus-facilities-buildings/ict/file-sharing-and-collaborating/using-work-group-folders workgroup folders] for working on documents with colleagues from other departments |
# Use Microsoft [https://www.ru.nl/en/staff/services/services-and-facilities/ict/software/teams Teams] for online collaboration on files in a team (in the cloud) | # Use Microsoft [https://www.ru.nl/en/staff/services/services-and-facilities/ict/software/teams Teams] for online collaboration on files in a team (in the cloud) | ||
# Send large files through SurfFileSender | # Send large files through SurfFileSender | ||
− | # Use eduVPN to work securely from home | + | # Use [https://www.ru.nl/en/staff/services/campus-facilities-buildings/ict/working-off-campus/vpn-off-campus-access-to-systems/using-eduvpn eduVPN] to work securely from home |
# Add the Radboud University disclaimer to you email signature | # Add the Radboud University disclaimer to you email signature | ||
# Empty folder such as 'Downloads' and 'Temp' regularly | # Empty folder such as 'Downloads' and 'Temp' regularly |
Latest revision as of 22:40, 19 September 2024
RU POLICY: laptops must be encrypted!!
This page contains a basic overview of information from the Radboud University Privacy & Security website.
Information security
Source: https://www.ru.nl/ict-uk/general/securing-your-information/
Radboud University takes the security of information very seriously and puts adequate measures into effect to prevent identity fraud and the spreading of viruses or spam from happening.
Here are five tips you can follow up to become ‘cybersafe’:
- Secure your laptop and other mobile devices such as usb-sticks and external harddrives
RU POLICY: laptops must be encrypted!! - Come up with a good password
- Lock your computer when you leave your spot
- Use Work group folders(network shares) or Microsoft Teams (files sharepoint in the cloud) for sharing files
- Use VPN for working at home
View also other simple to-do's to guarantee your online privacy and protect your data.
Personal Data Protection Act
Source: https://www.ru.nl/privacy/english/protection-personal-data/personal-data/
Question: What data is considered Personal data?
Answer: Roughly, personal data means data that can be traced to an individual, such as name, IP address, telephone number, employee or student number, study results or your bank account number.
Every person has a right to privacy and careful handling of his or her personal data. The Personal Data Protection Act specifies how personal data should be processed and automated. Personal data must, for example, be protected against loss and unlawful processing. Also, companies and organisations are only allowed to store data for a legitimate aim and not longer than necessary. 4 guidelines for dealing with personal data
Four central theme's in the Personal Data Protection Act can be pointed out when it comes the dealing with personal data: goal limitation, data minimasation, transparency and security. It means you should follow these guidelines:
- Document why and for what reason you save personal data and make sure the data will only be used for that specific purpose.
- Don't save personal data any longer than necessary (often there are statutory retention periods) and only save those data that you really need for reaching your goal.
- Be transparent when collecting personal data en tell for what purpose you collect them.
- Make sure the collected personal data are well secured.
More information can be found on
- the Privacy- and security website of Radboud University.
- Privacy and using personal information
- Reporting a data breach or security incident
- Personal Data Protection Regulations
Data Storage Policy
When sharing documents (working together) the only safe way you can do this is either by using Workgroup folders (network shares) or Microsoft Teams (cloud storage).
For information about howto encrypt your files or your whole pc/laptop look at this wiki page about Encryption.
RU POLICY: laptops must be encrypted!!
Security Do's
Source: Security Do's
DATA
- Lock your computer screen when you leave your workplace
- Encrypt your laptop
- Encrypt your USB-stick or external hard drive
- Encrypt sensitive files
- Use workgroup folders for working on documents with colleagues from other departments
- Use Microsoft Teams for online collaboration on files in a team (in the cloud)
- Send large files through SurfFileSender
- Use eduVPN to work securely from home
- Add the Radboud University disclaimer to you email signature
- Empty folder such as 'Downloads' and 'Temp' regularly
IDENTITY
- Use a strong password
- Never share your password, but delegate permissions instead
- Activate the spam filter
- Watch out for phishing
- Be alert while surfing the internet on where you might leave information
- Protect your identity on social media
DEVICES
- Install a firewall on your computer
- Install anti virus software on your computer
- Prevent your USB-stick from spreading malware
- Make sure you protect your mobile devices
- Check wireless networks on their safety