Skip to main content
< Back

IT Security Office

Mission Statement

The mission of the Information Technology Security Office (ITSO) is to establish, implement and maintain a safe and secure Information Technology environment for all faculty, student and staff enabling them to teach, learn and conduct College business.


Main Objectives

  • Establish appropriate College-wide policies, procedures, guidelines and standards to safeguard College data and the physical security of its information systems.
  • Conduct security assessment and risk analysis to identity potential risks, vulnerabilities and threats to the College's information systems and develop life-cycle plans to minimize, mitigate or eliminate those risks.
  • Partner with the appropriate departments to ensure that the College maintains the proper level of security compliance with federal and state regulations to safeguard access to personal, financial and health information.
  • Establish and maintain an on-going Information Technology security awareness program that will promote personal responsibility for securing College data and resources through education and training.
  • Setup an information Security Incident Response Team (iSIRT) that will respond to information security incidents in such a way to minimize the incident and restore normal operations.


Information Security Policies, Standards, Guidelines & Procedures

Board Policies

  • 6Hx-18-1.23: Information Technology Resources and Systems [PDF]
  • 6Hx-18-4.67: Preservation & Disposal of Electronic Records [PDF]

HR / IT Forms

Guidelines

Administrative Procedures


Social Engineering

Social engineering is the human side of breaking into a company network. Organizations similar to ours with authentication processes, firewalls, VPNs and network monitoring software are still wide open to an attack if an employee unwittingly gives away key information in an email, by answering questions over the phone with someone they don't know or failing to ask the right questions. 

Get more info:

www.securityfocus.com/infocus/1527

www.us-cert.gov/cas/tips/ST04-014.html

Print page