WSU Cougar Head Logo Washington State University
WSU Insider
News and Information for Faculty, Staff, and the WSU Community

Fighting identity theft

Identifying and securing confidential and nonpublic data at WSU ratcheted up this month under the direction of a universitywide data security taskforce.

The task force, comprised of “data custodians” representing Information Technology Services and the IT Security Office, ensures that WSU complies with recent legislation RCW 42.56.590, as well as other federal and state laws and WSU policies. Following are some items the task force has instituted:

Risk assessment
A key first step is conducting a risk assessment of the university’s confidential information assets to help departments identify and remediate areas that present high risks. Several departments and colleges are participating in a pilot assessment study in the form of a questionnaire that will:
• identify confidential data collected, managed and maintained by departments
• help determine the risk associated with that data
• help ensure the data and hosting devices are properly protected
The ITS Security group will meet with departments to review results and improve data security.

Confidential data
Access to Social Security numbers and other sensitive information managed through the data warehouse software programs and Admissions Data Mart have been restructured. WSU employees who access this data will be reauthorized based on job duties and responsibilities.

In the Student and Financial Data Warehouses, Social Security number access has been restricted to those few people who have been pre-approved for business reasons. Additional data regarding race/ethnic origin, disability and veteran’s status has also been restricted in the Financial Data Warehouse.

Social Security numbers are being removed from nearly one third of official university business paper forms found in the BPPM and SPPM. The remaining forms that request a Social Security number, bank number or driver’s license number are under review. Where possible, the request for this data will be removed from the forms. Instead, WSU ID numbers or other information will be used to meet business requirements.

Authorization, reauthorization
The security of Administrative Information Systems (AIS) has been improved by denying AIS account access to employees whose work with the university has been terminated — typically within 24 hours. Additional measures are being taken to remove account access for current employees that have not used their account for one year or more. These steps will reduce the number of active AIS accounts by 30 percent. Account access can be reinstated with proper approval.

An automated authorization process for new employees and reauthorization process for existing employees using ITS managed university data including AIS is being developed.

Third-party contracts
Language regarding data security and confidentiality has been drafted for use in third-party contracts. The language covers use and nondisclosure of confidential data and exceptions between WSU and vendors. Vendors are obligated to secure confidential data and take specific steps if there is any breach of security. The language will be available following administrative approval.

Next Story

Mourning the loss of Tyre Nichols

Washington State University System President Kirk Schulz released the following letter to the WSU community on Friday, Jan. 27 addressing the tragic death of Tyre Nichols earlier this month.

Recent News

Mourning the loss of Tyre Nichols

Washington State University System President Kirk Schulz released the following letter to the WSU community on Friday, Jan. 27 addressing the tragic death of Tyre Nichols earlier this month.

Forest debris could shelter huckleberry from climate change

WSU scientists are at work in Northwest forests, studying how fallen logs and other woodland debris could shelter the huckleberry from a hotter, drier future.

WSU helps dog recover from lung condition

It is still a mystery as to what caused abscesses to engulf the lungs of Ashley Hayes’ dog, Blaze, but he is now back in good health thanks to the care he received at WSU.

Find More News

Subscribe for more updates