IT Security Office
The mission of the Information Technology Security Office (ITSO) is to establish, implement and maintain a safe and secure Information Technology environment for all faculty, student and staff enabling them to teach, learn and conduct College business.
- Establish appropriate College-wide policies, procedures, guidelines and standards to safeguard College data and the physical security of its information systems.
- Conduct security assessment and risk analysis to identity potential risks, vulnerabilities and threats to the College's information systems and develop life-cycle plans to minimize, mitigate or eliminate those risks.
- Partner with the appropriate departments to ensure that the College maintains the proper level of security compliance with federal and state regulations to safeguard access to personal, financial and health information.
- Establish and maintain an on-going Information Technology security awareness program that will promote personal responsibility for securing College data and resources through education and training.
- Setup an information Security Incident Response Team (iSIRT) that will respond to information security incidents in such a way to minimize the incident and restore normal operations.
Information Security Policies, Standards, Guidelines & Procedures
- 6Hx-18-1.23: Information Technology Resources and Systems [PDF]
- 6Hx-18-4.67: Preservation & Disposal of Electronic Records [PDF]
HR / IT Forms
- E-mail & Computer Usage Agreement [PDF]
- E-mail Account Requests for Palm Beach State Associate [PDF]
- PantherNet Security Access [Web]
- 6Hx-18-G.001: Mobile Device Security & Usage Guideline [PDF]
- 6Hx-18-UA.001: Handheld Mobile Device User Agreement [PDF]
- Acceptable Use of Internet Resources
- Application Development Procedure
- Data Classification Procedure
- Information Security Administrative Procedure
- Information Security Incidence Response
- Mobile Device Security and Usage Guideline
- Risk Assessment Procedure
Social engineering is the human side of breaking into a company network. Organizations similar to ours with authentication processes, firewalls, VPNs and network monitoring software are still wide open to an attack if an employee unwittingly gives away key information in an email, by answering questions over the phone with someone they don't know or failing to ask the right questions.
Get more info: