Tufts' University Information Technology (UIT) next semester will launch a campaign focused on increasing the security of electronic data, part of broader efforts to ensure the safety of university information.
The goal of the campaign is to highlight practices that guard against security breaches and keep data secure, Dawn Irish, director of communications and organizational effectiveness for UIT, said.
"It can keep people informed of what they can do to protect information, so you know, creating strong passwords, clicking with care, ensuring that they remove or protect sensitive information that might be on their computer, staying up to date with antivirus software, using a firewall," Irish said. "Just really basic, easy things that anybody could do that will help protect them personally and also help protect the university."
The campaign will target faculty, staff and students, according to Irish, and the implementation process will be gradual.
"We'll probably be putting up about 200 posters over the next three to five months," Irish said.
The UIT campaign was precipitated by the recent surge in highly publicized security breaches, and a subsequent law put in place to counter these attacks, according to Irish.
"There was a new law that was put into place … about a year and a half ago that requires companies to protect the information of their customers," Irish said. "In this case, our customers are students, so by law, we must protect students' data."
Planning for the campaign began last summer, according to Irish, and is set to begin after the new year.
"It entails a brochure that we created for faculty and staff that gives them practical ideas to safeguard Tufts data," Irish said. "And it involves an advertising campaign in the Daily that mirrors the posters that we created."
Several subdivisions of UIT worked on the effort, including Information Security and Communications and Organizational Effectiveness, Irish said.
The endeavor is not the first university effort to emphasize data security. Last spring, UIT launched a website called "Guard It," which increased awareness about protecting personal information.
"That was the first iteration of the campaign," Irish said. "On that site, we have all sorts of little tidbits, interesting information — we have videos, we have games, we have a lot of different things."
Though the chance of a security breach cannot be completely wiped away, Irish hopes UIT's advertising efforts will stress to students the importance of protecting their data.
"We're just coming at it from many different angles, and none of these things will go away — they'll just all be part of our catalogue of security awareness," Irish said.
Tufts OnLine, a student-run group that provides computer support services, has a similar ongoing awareness campaign and mission. Approximately a decade ago, it began distributing antivirus software to students, according to Judi Vellucci, supervisor of Tufts OnLine, which is a subgroup of UIT. Since then, the group has extended its outreach into student dormitories, where Vellucci places posters that bring attention to personal security.
"Antivirus and personal security — that tends to be where I focus," Vellucci said. More posters targeted directly to students will go up before winter break, according to Vellucci.
Vellucci, citing an increase in compromised computers over the years, echoed the importance of conscientious student practices online to ensure safe computers and guard against viruses.
In the past month, about 26 percent of the student computers brought to Tufts OnLine were for virus issues. Tufts OnLine reported that another 10 percent of student computers brought in were affected by spyware, according to Vellucci.
Technology, however, is not the only aspect of data protection.
"A lot of people think that data protection is an IT problem," Irish said. "It's not really an IT problem, although there are some IT components to it. It's really a business process as much as anything. It's about having policies and procedures that help keep information safe."
Each Tufts school has appointed so-called information stewards who are responsible for ensuring that policies supporting data security are implemented and followed, according to Marc Miller, an information steward for the School of Arts and Sciences and the director of administration and finance for the School of Arts and Sciences.
The Information Stewards program began in 2009, according to University Records Manager Eliot Wilczek.
"In a general sense, it was in response to the recognition that we're an institution that has a lot … of personal info that presents a nontrivial risk to the university," Wilczek said. "We need to make sure that we're protecting it well."
