Newsletter: July 2008
Welcome to the July State Agency RMO Newsletter!
Farewell to David Lovell
It is with a mixture of joy and sadness that we bid farewell to David Lovell, our assistant manager at the State Records Center. Dave has recently accepted a challenging new position elsewhere in the State Education Department and we wish him all the best.
Fall Workshop Survey
Thank you to everyone who participated in our fall workshop survey. As always your input is greatly valued. We are currently putting together a schedule for next season, and will share it with you as soon as we can!
New Online Workshop Registration Site
While we’re on the subject of workshops, it is with great pleasure that we are able to unveil our new online workshop registration pages. This new site feature allows you to easily identify and register for Archives training events. Currently, State Agency Services does not have any workshops scheduled for state agencies, but you will be able to register online for workshops this fall.
Services: Program Wellness
One of the services State Agency Services provides to state agencies is our “Program Wellness” initiative. Program Wellness is designed to promote overall program success by ensuring that agency records management programs are functioning to the best of their ability. Central to this service are “Program Check-ups,” where State Archives staff work with the agency records management officers to evaluate their records management program and identify key areas for improvement. Follow-up steps may include the agency conducting record inventories, creating or updating records retention schedules, developing policies and procedures, implementing good records management practices, training staff about records management, and facilitating changes throughout the organization. Currently, several state agencies are participating in the project. If you are interested in having your agency take part, please contact Jennifer O’Neill at 473-2112 or firstname.lastname@example.org
CSCIC Cybersecurity Tips – Data Breach
One increasingly common security issue that you may find yourself facing in your agency is a data breach. A data breach generally refers to instances where information has been subject to unauthorized access, often where the information is lost, stolen or hacked into. This is of particular concern when that information is private, sensitive, or confidential. Organizations and individuals have the responsibility of protecting the information in their care and proper safekeeping of this data is vital. Failure to do so can result not only in a breach, but also result in damage to reputation, significant fines or loss of revenue, and other negative consequences. More than 227 million records nationwide have been involved in a breach since February 2005. This figure represents only those that have been reported, so it may reflect only a portion of the actual occurrences. This is an issue that everyone must be aware of and take steps to mitigate.
Some examples of data that must be protected include the following:
- Customer or employee information with names, addresses, Social Security numbers, credit card numbers, passwords and other identity-related information
- Intellectual property
- Financial information
- Health records of individuals
Data can be compromised or disclosed by hackers attempting to steal names, Social Security numbers, credit card accounts and other information is one method of obtaining data. Attackers may use social engineering, phishing or other similar attempts to gain access. These activities can translate into very large sums of revenue for those in the organized crime world. While very sophisticated techniques are sometimes used to steal sensitive data, one of the most common threats comes from within the organization itself. According to Deloitte's 2007 Global Security Survey, 65 percent of respondents reported repeated external breaches. Of those incidents, 18 percent stemmed from unintentional data leakage. The report also indicates that some of the surveyed data breaches went undetected for extended periods. The loss or theft of data is not limited to electronic data loss or computer hacking. Other possibilities include physical loss of hard copy documents, theft or loss of laptops, tapes and flash-drive devices or improper disposal of hard copy documents.
That’s it for this month! Remember that we want to hear from you. State Agency Services is here to help make your job easier by answering questions, doing site visits, and providing training.
Have a great holiday weekend!