Coffee Hour: The risks associated with data and the resources to mitigate exposure

Friday, February 15, 2013 - 3:30pm to 5:00pm
Refreshments offered at 3:30 p.m. in room 319 Walker Building. Talk begins at 4:00 p.m. in room 112 Walker Building.

About the talk

Due to the sensitive nature of this talk, a security log-in and password is required to view the video. Email for more information.

Data is everywhere. It is used in our daily communications and in our research collection, analysis and distribution methods. There are various life cycles of the data, which may initially be restricted and then evolve into a more public capacity. Data often needs to be preserved for certain periods of time before it can be released and shared with others. Yet there are key personnel who may have a need to access the data in the interim from remote locations. 


While we need to use, store and process data in order to properly function in our digital world, there are many high-stake risks that are associated with the improper use, storage and sharing of information. Imagine if you were in the midst of a significant project and your data went missing or was shared with the public before it was ready to be released. What if a legislative authority shut down the project due to a data breach? Although these are unthinkable measures, the risks around data exist.


Learn more about the potential risks associated with data and the available resources to help mitigate exposure. Engage with several representatives from the Security Operations and Services team to share your concerns and identify the potential data points that are at a high risk.

 About the speakers

Stew.JennJennifer (Jenn) A. Stewart is a system and network security analyst within ITS Security Operations and Services. Jenn leads the security office efforts related to the development, implementation, training and communication of a University-wide Governance Risk and Compliance tool and interacts with stakeholders in the University community to further the efforts.

Jenn has worked with the University for over 12 years and holds the designation of a Certified Information Privacy Professional/Information Technology (CIPP/IT) with the International Association for Privacy Professionals (IAPP). Part of her other initiatives at Penn State include analyzing, prioritizing, and responding independently to legal and regulatory compliance reviews and ensuring that information systems are implemented in accordance with information security best practices, University policy and as appropriate to Federal, state, and local laws and regulations (e.g., HIPAA, PCI-DSS, GLBA).

She also actively develops, plans, and delivers security and compliance-related presentations and briefings to University and external venues.

Smiley.Ed.Ed Smiley is the manager of Compliance and Assessments within ITS Security Operations and Services.  Ed leads the PCI compliance, vulnerability and web application assessments, and penetration-testing programs related to enterprise compliance at the University.  Ed is currently enrolled in the Information Technology Leadership Program (ITLP), a program to enhance the professional and personal development of Information Technology (IT) Professionals and sits on many strategic committees related to process and change of IT at Penn State.

Ed has been at the University for almost 12 years and six of those were spent getting his Ph.D from the Department of Chemistry in 2006.  His focus for his Ph.D was "Molecular Dynamics Simulations of Atomic and Cluster Bombarded Surfaces" and was co-advised by Dr. Nicholas Winograd and Dr. Barbara Garrison.  After graduate school, Ed moved towards his passion of IT and Information Security and has been working in ITS Security Operations and Services for six years. Ed is also a GIAC Certified Penetration Tester (GIAC).