Oct. 18, 2007
By Sean O'Malley
When asked to explain information security to non-techies, Matthew Dalton likes to draw a parallel between data and food - mayonnaise to be exact.
"Safety standards are an integral part of learning how to shop for and prepare food," he says. "As a result, most people know that an opened jar of mayonnaise needs to be kept cold. They don't think of it as a standard, per se. It's just common knowledge."
Likewise, the new director of information security for Ohio University's Office of Information Technology wants to see data security standards become part of the university community's common knowledge.
To help achieve this awareness, OIT will publish a series of short tips in Outlook covering basic information security best practices through the end of October, National Cyber Security Awareness Month. Tips will appear in Outlook every Monday, Wednesday and Friday.
"Security starts with your own computer," OIT Senior Security Analyst Ed Carter says, noting that you can greatly reduce your exposure by taking simple steps such as installing anti-virus software, turning on your computer's built-in firewall, keeping your operating system up to date and making sure your passwords are not easily guessed.
Getting the word out about best practices like these is OIT's goal.
"You don't achieve security by clamping down and making it hard for people to do their jobs," Dalton says. "You achieve security by helping people understand that data has value, and that there are specific, simple steps they can take to preserve that value."
Carter notes that many good information security resources are available online, citing the National Cyber Security Alliance's "Top Eight" list, found at http://staysafeonline.org/practices/, as an excellent resource for the average computer user.