Purpose
To provide ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û with guidance in developing and implementing the appropriate protective safeguards to ensure the confidentiality, integrity, and availability of ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û assets and information.
Policy
¼«ËÙÁùºÏ²Ê¿ª½±½á¹û’s information, data, and records are managed in a manner consistent with ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û’s risk strategy to protect the confidentiality, integrity, and availability of the assets. Data security controls are submitted to ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û senior leadership for review and approval, and include a cost-benefit analysis to inform the executive staff in their risk strategy decisions.
Summary
- Data security controls are submitted to ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û senior leadership for review and approval
- Data security controls will include a cost-benefit analysis to inform the executive staff in their risk strategy decisions
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û employs cryptographic controls in accordance with applicable Federal and State laws, regulations and standards
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û system that requires protection includes but is not limited to configuration settings, intrusion detection and prevention, various logs and password databases
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û protects the confidentiality and integrity of sensitive data by using cryptographic mechanisms
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û applies full disk encryption to all ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û-owned laptops, mobile devices and desktop workstations
- Backups are encrypted (at rest)
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û recommends that students enable full disk encryption on their personal devices
- All transportable media is also encrypted
- Papers containing confidential information must not be left out in public view and must be properly destroyed when no longer needed
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û hardware and software assets are documented, tracked, and managed through inventory management
- Faculty and staff status is tracked and managed by Human Resources and the Dean of the College
- Student documentation is managed by Admissions, Registrar’s Office, the Dean of Students and the Advancement Office depending upon student status
- Prior to disposal, sanitization techniques are applied to media
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û ensures that there is adequate capacity to provide availability of its systems
- ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û employs reasonable and appropriate methods for data loss prevention
Data Security Policy Details [pdf]
Contact Us