student.uva.nl
What is your study programme?
UvA Logo
What is your study programme?

Security & Privacy at the Faculty of Science

Published on 18-10-2023
October is Cyber Security month. That is why we are highlighting digital security in the coming period. Gerrit Oomens will tell us more about his role as Information Security & Privacy Officer at the Faculty of Science.
Show information for your study programme
What is your study programme?
or

What do you do as an Information Security & Privacy Officer at the Faculty of Science?

Gerrit Oomens portret
Gerrit Oomens, Information Security & Privacy Officer

"Information security and privacy are actually two separate functions that are somewhat related. With information security, the focus is on adequately securing our own faculty IT. This involves various servers and clusters we use for research and systems like DataNose, but also, for example, the encryption of all self-supporting laptops at the faculty. On the one hand, these systems need to be protected against outside attacks and, on the other, they also need to be sufficiently protected internally so that the right people can access the right data.

Privacy is about handling personal data responsibly. This could be personal data of our own staff or students, or data of people we use in research or teaching. I advise on the use of such data and the agreements made with external parties at the time of data exchange."

Where is the biggest challenge in your role?

"Handling individuals' data responsibly is very important today. It is very easy to share and exchange large amounts of data online. The challenge is to do this in such a way that the privacy of all involved remains protected. All kinds of data are worked with within the faculty; I enjoy helping people and advising how this can be done in a safe and responsible way."

How can you help staff and students?

"You can come to me with any questions about information security and privacy. For example:

  1. Can I safely use an (external or self-built) application and/or enter individuals' data there?
  2. Can I share names, e-mail addresses or other data of employees/students with this (internal or external) party?
  3. What should I pay attention to when deploying a questionnaire so that there are sufficient safeguards for participants' privacy? How should I inform the participants?"

What tip do you have for employees when it comes to secure digital privacy-proofing?

"Take care when using proprietary applications or cloud services. There are all kinds of useful tools available online, but always pay attention to what they do with data. Especially if the tools are free, you are generally paying with your data. When in doubt, ask for advice on how to use such a tool responsibly."