The protection of the private information of Luther Seminary community members is of critical importance to the Office of Technology (OT). The three components below describe in broad terms how the institution is protecting that private information. In addition, this program ensures compliance with Title IV financial aid requirements for protecting student financial aid information.<\/p>\n\n\n\n
Luther Seminary is taking three main approaches<\/p>\n\n\n\n
Through a data classification policy<\/a> Luther Seminary defines three types of data and how such data should be handled. These definitions provide a common language to describe the information used by departments in various ways. Those three types are<\/p>\n\n\n\n Servers found on campus which are maintained by OT have multiple layers of protection from being within a secure campus network. With the growing use of cloud data storage we need to keep in mind that data that is considered regulated<\/em> should not be kept in cloud storage, with the exception of FERPA data in Luther Seminary’s Google Drive.<\/p>\n\n\n\n Additional activities relating to GLBA and FTC Safeguards compliance are maintained on internal documentation.<\/p>\n\n\n\n <\/p>\n\n\n\n Utilizing multi-factor authentication with Duo<\/a>, user accounts have an added layer of protection.<\/p>\n\n\n\n Faculty and staff are the best defense against preventing a loss of data. They are also the most frequent targets through email phishing scams. People are no longer trying to break into organizations. They are trying to trick people into handing over their keys (i.e. their password). To learn more about phishing and cybersecurity, please read these previous blog posts:<\/p>\n\n\n\n Working remotely introduces more flexibility but also opens us to more risk being further from our colleagues. The need to verify unusual requests directly with the person via phone or video conferencing is increased.<\/p>\n\n\n\n Here are some general tips sheets for remote work information security from security experts.<\/p>\n\n\n\n To ensure all faculty and staff are aware of effective practices Luther Seminary has subscribed to Data Security training from Curricula. Training faculty and staff ensures we remain compliant with the Title IV financial aid requirements for protecting student information. Training shall be sent to employees in twice a calendar year along with follow-up phishing simulations. Employees can login here<\/a>.<\/p>\n\n\n\n\n
Protecting<\/h2>\n\n\n\n
\n
Educating<\/h2>\n\n\n\n
\n
Working Remotely<\/h3>\n\n\n\n
\n
Training<\/h3>\n\n\n\n
Program Coordinator<\/h2>\n\n\n\n