NATIONAL CYBERSECURITY AWARENESS, PART 3: Web Security - 10/22/09
When the University’s Business Services employees launch a Web site or page or post documents, the majority understand the significance of security awareness. What some may not know, however, is the availability of an online tool designed to help them determine the amount of security their data needs and how to get it in place.
The tool, “Security Levels for PPWC” for Business Services Web pages and applications, is provided by ITSO Web Services. It charts out in business terms the different types of access available for Web pages and online data. It also explains the security method associated with the access, the process to obtain it and the potential risks.
As an example, access to the Business @ Purdue Web site is available only to computers with a Purdue domain address. That means anyone using a Purdue computer can enter the site. However, the site cannot be accessed from a non-Purdue computer unless the user is logged on via Purdue’s Virtual Private Network (VPN).
Other security methods described on the chart include Career Account ID and password for staff, faculty and students, for staff and faculty only, or for students only. This type of access also can be allowed for departments and small groups, and in some cases, a global password can be assigned.
Because data posted on the Web may be vulnerable to unauthorized access, individuals responsible for the material’s security must evaluate its sensitivity and the best means to keep it safe.
Besides relying on the “Security Levels for PPWC” chart, Vicki Brantner, Web coordinator and developer for Business Services Computing, is available to discuss the security options and make recommendations. Once Brantner and the customer have agreed on the security settings, she will deliver the request to ITSO Web Services for implementation. After security is established, she remains available to the customer to answer questions about troubleshooting and file access. She also serves as liaison between the Business Services departments and ITSO Web Services.
For more information about Web security and restricted access to Web sites, pages and files, please contact Vicki Brantner by email or by phone at 494-0165.
For more information about the National Cybersecurity Awareness campaign, please visit SecurePurdue.