Given today’s strict regulatory and legal compliance requirement (Electronic Transactions Act 2008, Act 772, Electronic Communications Act, Act 775 and Data Protection Act (Act 843) of 2012) on intellectual and personal data protection, organisations including Universities, have to invest a great deal of time and resources in safeguarding their information from potential unauthorized access and disclosures. Information security experts and organisations including; Miller 2009, Schneier 2010 and Ironport 2007, have indicated in a number of researches that, data in use, data at rest and data in motion have the exposure of potential leakage in organisations and institutions.
In view of this, a study which attempted to investigate the possibilities of information leakage using the above vectors was conducted at the Presbyterian University College, Ghana by Mr. Eric Amankwa and based on the findings; a workshop was organized on the theme: “Protecting our Information before and after agenda 2013.”
The workshop introduced participants to current threats to information and state-of-the-art information protection tools. Presentations were made on modern practices and strategies for sending and storing sensitive information on computers, and between computers using various electronic media. Participants also received handouts describing techniques for creating Key-pairs (private and public keys) in the Public Key Infrastructure (PKI), encrypting and decrypting emails, hands on practice on creating hidden partitions on flash drives, local disk drives and other removable storage devices, and copies of selected data leakage prevention tools.
The workshop proceeded in two sections, in which presentations we made on symmetric encryption strategies using TrueCrypt to protect data/information (Examination, financial, administrative, research etc) on flash-drives, hard disk and other media; and asymmetric encryption using Gpg for windows (Gpg4win) for securing emails before being sent over the internet.