Due to the openness of the environment and culture, coupled with fast research networks, universities are constantly probed and under cyber attack from various vectors. The "bad actors" are constantly looking for weaknesses in our computers and network, trying to infiltrate to steal information or misuse our technologies.
Each one of us is responsible for safeguarding the information that we are entrusted with.
We must all be aware of the cyber risks and understand that higher education institutions are constantly
under cyber attack. It is our responsibility to implement sufficient security controls
to protect the data under our care in accordance to appropriate security policies and regulations.
Examples of sensitive information include (but are not limited to):
Both the data itself and the computer used to access/manipulate the data need to be protected. Information on protecting sensitive information can be found in AskUs 1266. Information on securing your computer can be found in AskUs 593.
Special security precautions must be taken when using a mobile device (laptops, smartphones, tablets, etc.) Best practices for using these types of devices are found in:
Faculty members collecting research data (especially if using human subjects) or using institutional information have additional considerations and should be familiar with the University of Hawaii Institutional Review Board and should also read Information Security for Research.
For easy reference, a list of applicable UH policies, state regulations and federal regulations is provided below.