Information technology resources constitute a valuable University asset that must be managed accordingly to ensure their confidentiality, integrity, and availability. Carrying out this mission requires the University to establish basic policies and standards. As such, the following University Information Technology Policies and Procedures are intended to facilitate and support reasonably secure, authorized access to University information.
Simple Steps to be Compliant
We know that the ITS policy document can be intimidating when you first get it, so we have created a simple checklist to help you get a head-start on becoming compliant. Remember that you will still need to be familiar with the actual document.
- Protect the information you are using. Never leave it in the open for others to see (put papers away, lock your computer screen, etc) and never give it out without approval.
- If you are unsure if something is confidential, treat it like it is and ask your supervisor.
- Use a strong password (i.e. Use upper- and lower-case letters plus numbers) and do not share it with anyone (not even your supervisor).
- If you need to share a resource (e.g. computer, application, etc), please contact ITS and we will make the proper arrangements.
- Log out of systems (e.g. Jenzabar) that you will not be using for a prolonged period of time (lunch break, overnight, etc).
- Email is not a secure communication tool so be careful with what you say. Once an email is sent, other people may be able to read it and there is no taking it back (no recalling).
- Employee email accounts must use Park's standard signature and no backgrounds or other stationery items.
- Be careful when opening attachments. Do not open anything unless you are expecting it, even if it is from a familiar address.
- If you need to send confidential information to someone, contact ITS to make sure it is protected.
- Use care and common sense when surfing the Internet. If a web site sounds too good to be true, it probably is. Some web sites will even infect your computer just by looking at a page.
- Do not download software. Many innocent-looking downloads will also contain spyware and other malicious software that will steal information and slow down your computer.
- When logging into web sites, make sure you do not let the computer save your login information (i.e. “Remember Me,” “Automatically Log Me In,” etc). Otherwise, anyone else who can get on that computer will have access to your accounts.
- Software that is not University approved is not allowed (e.g. Weatherbug, Hotbar, etc).
- Requests for approved software will be made to ITS, who will perform the install.
- ITS is the only authorized party to make hardware and software changes (e.g. application settings, new software, new hardware, etc) on a computer.
- If you notice any incidents (e.g. viruses, policy violations, information stealing, etc), contact Information Security at firstname.lastname@example.org. You may also want to advise your supervisor of the situation.
- Do not talk with others about the incident. Gossip may harm the integrity of any possible investigations.