VA Privacy and Information Security Awareness and Rules of ...

VA Privacy and Information Security Awareness and Rules of

Behavior

FY14 Text-Only Course Transcript

Table of Contents

Table of Contents .......................................................................................................... 0 Purpose of this Document............................................................................................ 3

Using this Document .................................................................................................... 3 Module 1: Welcome and Introduction.......................................................................... 4

Why Am I Taking this Course?..................................................................................... 4 Who Must Take this Course?....................................................................................... 4 Rules of Behavior (ROB).............................................................................................. 5 Course Objectives........................................................................................................ 6 Module 2: Overview of Privacy and Information Security ......................................... 7 Module Objectives ....................................................................................................... 7 Protecting Privacy and Information Security ................................................................ 7 Privacy: What to Protect .............................................................................................. 8 Information Security: How to Protect It....................................................................... 10 Protecting VA Sensitive Information........................................................................... 10 Who Can Provide Support? ....................................................................................... 11 The Continuous Readiness in Information Security Program..................................... 13 It's in Your Hands ? Module Summary....................................................................... 14 Module 3: Private Conversations and Paper Records and Files............................. 15 Module Objectives ..................................................................................................... 15 Private Conversations ................................................................................................ 15 What Are Records?.................................................................................................... 16 Records...................................................................................................................... 17 Protecting Paper Documents, Records, and Files ..................................................... 17 Log Books .................................................................................................................. 21 It's in Your Hands ? Module Summary....................................................................... 24 Module 4: Privacy in Electronic Communications ................................................... 25 Module Objectives ..................................................................................................... 25 Email Encryption ........................................................................................................ 25

FY14 Text-Only Course Transcript

Page | 0

Secure Email Practices .............................................................................................. 27 Instant Messaging and Texting .................................................................................. 30 Electronic Calendars .................................................................................................. 30 Microsoft SharePoint.................................................................................................. 31 Using Social Media .................................................................................................... 32 It's in Your Hands ? Module Summary....................................................................... 33 Module 5: Protecting Electronic Devices .................................................................. 34 Module Objectives ..................................................................................................... 34 VA Electronic Devices................................................................................................ 34 Protecting VA Mobile Devices.................................................................................... 35 Wireless Devices and Networks................................................................................. 36 Limited Personal Access and Use of VA-Issued Devices .......................................... 37 Personal Identity Verification (PIV) and Identity Cards .............................................. 38 Strong Passwords ...................................................................................................... 39 Social Engineering Attacks ........................................................................................ 40 Threats to Systems, Software, and Networks ............................................................ 40 Preventing Attacks ..................................................................................................... 42 Remote Access.......................................................................................................... 44 Personal Electronic Devices ...................................................................................... 45 It's in Your Hands ? Module Summary....................................................................... 46 Module 6: Storage, Transportation, and Disposition of Information ...................... 47 Module Objectives ..................................................................................................... 47 Protecting VA Sensitive Information from Theft, Loss, and Unauthorized Access ..... 47 Guidelines for Protecting VA Sensitive Information on VA Devices ........................... 48 Guidelines for Transporting VA Sensitive Information ............................................... 50 Storage and Disposal of Records .............................................................................. 50 Guidelines for Disposing of Paper and Electronic Media ........................................... 51 It's in Your Hands ? Module Summary....................................................................... 52 Module 7: Reporting Incidents ................................................................................... 53 Module Objectives ..................................................................................................... 53

FY14 Text-Only Course Transcript

Page | 1

Defining Incidents ...................................................................................................... 53 Impact ........................................................................................................................ 54 Consequences ........................................................................................................... 55 Penalties .................................................................................................................... 55 The Steps to Report an Incident ................................................................................ 56 Additional or Alternate Contacts................................................................................. 57 It's in Your Hands ? Module Summary....................................................................... 58 Module 8: Course Summary and Rules of Behavior ................................................ 59 Course Summary ....................................................................................................... 59 Acknowledge, Accept, and Comply with the ROB...................................................... 59 Course Completion .................................................................................................... 60 APPENDIX A: Rules of Behavior for VA Employees ................................................ 62 APPENDIX B: Rules of Behavior for VA Contractors............................................... 72 APPENDIX C: Glossary............................................................................................... 77 APPENDIX D: Privacy and Information Security Resources ................................... 90

FY14 Text-Only Course Transcript

Page | 2

Purpose of this Document

This text-only course transcript was designed to accommodate users in the following manner:

? You are using a screen reader, such as JAWS, to complete course material and have difficulty with the interactions in the online version.

? You are experiencing difficulties accessing the online version due to computer network or bandwidth issues.

? You have completed the online version and want to print a copy of course material for reference.

This version of the VA Privacy and Information Security Awareness and Rules of Behavior Text-only Course Transcript is valid for fiscal year (FY) 2014 (i.e., October 1, 2013 through September 30, 2014).

You should take the online version of this course if possible. However, if you complete the course using this text-only transcript, you must print and sign the appropriate Rules of Behavior (ROB), as well as initial each page, in the space provided. Contact your supervisor or Contracting Officer Representative (COR) to submit the signed ROB and to coordinate with your local Talent Management System (TMS) Administrator to ensure you receive credit for completion.

Using this Document Throughout this document you are able to access more detailed information in the appendices by selecting the available hyperlinks. To return to your place in the main document after selecting a hyperlink to an item in the appendix, select Alt + on your keyboard.

For more information on the use of this document to fulfill the annual training requirement, Information Security Officers (ISOs), supervisors, and CORs should reference the Instructions for Alternative Training Methods: VA Privacy and Information Security Awareness and Rules of Behavior document on the VA ITWD Portal.

FY14 Text-Only Course Transcript

Page | 3

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download