Electronic Data Security Services

The responsibilities of all Users in supporting and upholding the security of sensitive electronic data can be found in the University’s Electronic Data Security Policy that can be accessed via the link below.

http://www.mun.ca/policy/site/policy.php?id=248

ITS offers a number of different services and options to assist clients in protecting electronic data from accidental disclosure, modification, and loss. This page provides an overview of these services.

List of Services

1) Network File Shares

The Department of Information Technology Services (ITS) manages network-based file shares on behalf of clients. Unlike data stored on a local hard drive, data stored on a file share is neither lost (disclosed) in the event of device theft, nor lost in the event of local hard drive failure. Network file shares are therefore the preferred storage location for sensitive University files. Full details regarding this service offering can be found:

· http://www.mun.ca/cc/services/servicecatalogue/CentralFileShare.php

2) Full Disk Encryption

As noted in the University EDS policy, all laptops purchased with University funds and all laptops used to transport or store sensitive electronic data must have approved encryption software installed.

ITS provides a service to encrypt University-owned laptops using McAfee Endpoint Encryption (MEE) software. If a laptop is not encrypted:

• Contact IT Procurement to purchase MEE software
• Complete McAfee Employee Encryption Access form and return to ITS
• Contact ITS to set up an encryption appointment

Full details regarding this service can be found: http://www.mun.ca/its/dataencryption/fde.php

3) Information Security Awareness Training

The Department of Information Technology Services (ITS) provides information security awareness training designed to increase awareness of common computer security threats. This Desire2Learn-based course is available to all faculty, staff, and students on all campuses (St. John's, MI, and Grenfell). Simply log into Desire2Learn https://online.mun.ca using your MUN Login ID and password, and click 'MUN Information Security Awareness Training' under 'My Courses'.


4) Encrypted Thumb Drives

Sensitive data copied to thumb drives, however temporarily, should also be encrypted to protect against possible loss or theft. Hardware encrypted USB drives that automate this task and are both Windows- and Mac-compatible are available at the University’s IT Procurement.

5) Mobile Phone Encryption

Mobile phones configured to use the Exchange email service are automatically encrypted. Clients who do not use Exchange are encouraged to contact the ITS Service Desk help@mun.ca for assistance encrypting and password-protecting their mobile devices.

6) Document Encryption

In the event sensitive information must be shared via email, it should first be encrypted. Microsoft Office documents can be encrypted by following the instruction located,
http://www.mun.ca/cc/services/security/resources/DocumentEncryption.php

Non-Office documents, and collections of documents can be encrypted using WinZip [link: http://kb.winzip.com/kb/entry/78/].

In both cases it is vital the decryption password not be sent as part of the same message. It should be sent in a completely separate message, or better still, shared out-of-band using some method other than email (e.g., provide the password to the recipient over the phone).

Clients seeking additional information on any of these services should contact the ITS service desk at 864-4595 or email at help@mun.ca

Contact

Information Technology Services

230 Elizabeth Ave

St. John's, NL A1B 3X9 CANADA

Tel: (709) 864-2530

Fax: (709) 864-2552

becomestudent@mun.ca