One Step Ahead: Security Tips from The Almanac


	Wednesday, November 25, 2009

	Security "Greatest Hits"
	Managing Passwords
	E-mail Harassment & Forgery
	Hoaxes, frauds & scams
	Spam
	Phishing
	Wireless Networking
	Encryption & digital signatures

	Best Practices
	Secure desktop computing
	Secure servers
	Secure web applications
	Secure web development
	Secure data deletion
	Tips for safe computing
	Computing policies

	More in-depth information for
	Local support providers
	System administrators
	Application developers

	Security initiatives
	Critical host compliance
	Authentication & authorization
	Penn Security & Privacy Assessment (SPIA)
	Security Liaisons (Restricted Access)
	Secure Share
	NeXpose Vulnerability Scanner

	Related links
	Electronic privacy
	PennKey
	Viruses
	Worms, trojans, backdoors

One Step Ahead: Almanac Security Tips - 2009

In each issue, Penn's Journal of Record, The Almanac publishes helpful tips and hints for dealing with information security and privacy matters. This page is a collection of all those published thus far.

New! You can now receive new One-Step-Ahead Security and Privacy Tips automatically!
You can subscribe via Email or RSS.

Table of Contents (view all)

Search Engines: Raising the Stakes
You Can't Lose Data That You Don't Have
Password Cracking: The Pot of Gold at the End of the Rainbow
PennKey Opens Many Doors: Keep it Safe
Software Piracy
Collect Personal Documents and Computer Hard Drives for Free Shredding at the Employee Resource Fair
Don’t Use Excessive Privileges on Your Computer
Do You Google? Know How to Protect Your Privacy
Online Statements and Bill Payments: Safer Than Paper?
Updated Purchase Order Terms and Conditions Regarding Information Privacy & Security
Sanitize Word, Excel, and PowerPoint Docs Before Publishing
Exchange Sensitive Data Securely Using Secure Share
Facebook Sharing Can Be Broader than You Think: A Birthday Example
Managing Facebook's Privacy Settings for Safe Use
Be Careful with Facebook Apps

Whats popular?

email mobile devices identity theft software phishing privacy security wireless social networking documents home computing www virus keyloggers hackers spam passwords SSNs

Tuesday, May 5, 2009 - Almanac Vol. 55, No. 32

Updated Purchase Order Terms and Conditions Regarding Information Privacy & Security

The University's Purchase Order Terms and Conditions document states the general terms of contracts applicable between the University and its vendors. The document is automatically incorporated into each University purchase order. Recently, the Terms and Conditions were updated with respect to privacy and security of information. The new Terms and Conditions include strong requirements to protect confidential data, including provisions for data security safeguards, access and use restrictions and breach reporting.

See www.purchasing.upenn.edu/for_suppliers/terms-conditions-exhibit-A.pdf

As indicated, the Purchase Order Terms and Conditions set out general requirements for University purchase orders and contracts. It is important to note that there could also be circumstances involving, for example, particularly sensitive data, where more extensive contractual protections would be warranted.

If your school or center is renewing or renegotiating a vendor agreement that involves storage, transmission or processing of confidential data, be sure that appropriate data privacy and security requirements are included in the agreement.

For more information regarding data privacy, contact the Office of Audit, Compliance and Privacy at (215) 573-4492. For questions concerning the applicability of the Purchase Order Terms and Conditions, contact Purchasing Services at (215) 898-7216.



Information Systems and Computing University of Pennsylvania Comments & Questions