Published November 30, 2016
UB is ending the second and final phase of its 2016 university-wide security assessments, designed to protect sensitive information provided by students and faculty from security breaches.
The two-phase project was first endorsed by President Tripathi and Provost Zukoski in June 2016 as a proactive response to reports of data breaches at other institutions. At UB, there are very few instances of identity theft, on the scale of a few dozen per year, typically a result of phishing.
The first phase, which took place during August 2016, surveyed how UB and its entities are using student information, making sure that the data is used safely and properly.
"The biggest threats are around the use and tracking of, for example, social security numbers," said Jeff Murphy, UB Interim Information Security Officer. "The university is looking at where all the social security numbers are collected, what are they used for and what we need to improve in order to ensure that nobody is able to steal that information."
The university is asking all schools and departments for information about who is collecting data and how it's being used. The university authorizes specific individuals to collect data, but this assessment will determine which parties are actually collecting data, what they are using it for and what can be done to keep any collected data safe.
According to Murphy, the final phase involves examining the gap between how these individuals secure protected data, and how industry recommendations suggest it should be secured.
"The result," Murphy said, "will be a comprehensive asset and workflow inventory, the foundation for a robust, secure environment."
To prevent information from being stolen, students should be mindful of the phishing scams that can bombard your email account.