DOCSLIB.ORG

Information Security Policy

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Information Security Policy POLICY: INFORMATION SECURITY POLICY EFFECTIVE: 03‐2016 CONTENTS 1.0 Introduction ............................................................................................................................................................... 3 2.0 Purpose ......................................................................................................................................................................... 3 3.0 Scope .............................................................................................................................................................................. 3 4.0 Implementation ........................................................................................................................................................ 4 5.0 Roles and Responsibilities .................................................................................................................................... 4 6.0 Information and System Classification ............................................................................................................ 5 7.0 Provisions for Information Security Standards ........................................................................................... 5 7.1 Access Control (AC) ............................................................................................................................................ 5 7.2 Awareness and Training (AT) ........................................................................................................................ 6 7.3 Audit and Accountability (AU) ....................................................................................................................... 6 7.4 Assessment and Authorization (CA) ............................................................................................................ 6 7.5 Configuration Management (CM) ................................................................................................................. 6 7.6 Contingency Planning (CP) .............................................................................................................................. 7 7.7 Identification and Authentication (IA) ....................................................................................................... 7 7.8 Incident Response (IR) ...................................................................................................................................... 7 7.9 Maintenance (MA) ............................................................................................................................................... 7 7.10 Media Protection (MP).................................................................................................................................... 7 7.11 Physical and Environmental Protection (PE) ........................................................................................ 8 7.12 Planning (PL) ...................................................................................................................................................... 8 7.13 Personnel Security (PS) .................................................................................................................................. 8 7.14 Risk Assessment (RA) ..................................................................................................................................... 8 New York Six Liberal Arts Consortium Colgate University, Hamilton College, Hobart & William Smith Colleges St. Lawrence University, Skidmore College, Union College 1 of 12 7.15 System and Services Acquisition (SA) ...................................................................................................... 8 7.16 System and Communications Protection (SC) ...................................................................................... 9 7.17 System and Information Integrity (SI) ..................................................................................................... 9 7.18 Program management (PM) ......................................................................................................................... 9 8.0 Enforcement ............................................................................................................................................................... 9 9.0 Privacy ........................................................................................................................................................................ 10 10.0 Exceptions .............................................................................................................................................................. 10 11.0 Disclaimer ............................................................................................................................................................... 10 12.0 References .............................................................................................................................................................. 10 13.0 Related Policies .................................................................................................................................................... 11 14.0 Policy Authority ................................................................................................................................................... 11 15.0 Revision History ................................................................................................................................................... 12 16.0 Approvals ................................................................................................................................................................ 12 New York Six Liberal Arts Consortium Colgate University, Hamilton College, Hobart & William Smith Colleges St. Lawrence University, Skidmore College, Union College 2 of 12 1.0 INTRODUCTION The purpose of this Policy is to assist the University in its efforts to fulfill its responsibilities relating to the protection of information assets, and comply with regulatory and contractual requirements involving information security and privacy. This Policy framework consists of eighteen (18) separate Policy statements, with supporting Standards documents, based on guidance provided by the National Institute of Standards and Technology (NIST) Special Publication 800‐53. Although no set of policies can address every possible scenario, this framework, taken as a whole, provides a comprehensive governance structure that addresses key controls in all known areas needed to provide for the confidentiality, integrity and availability of the institution’s information assets. This framework also provides administrators guidance necessary for making prioritized decisions, as well as justification for implementing organizational change. 2.0 PURPOSE The purpose of this Information Security Policy is to clearly establish the University’s role in protecting its information assets, and communicate minimum expectations for meeting these requirements. Fulfilling these objectives enables St. Lawrence University to implement a comprehensive system‐wide Information Security Program (See “New York Six Information System Management System (ISMS) guidelines” document). 3.0 SCOPE The scope of this policy includes all information assets governed by the University. All personnel and service providers who have access to or utilize information assets of the Institution, including data at rest, in transit or in process shall be subject to these requirements. This Policy applies to all information assets operated by the University; All information assets provided by University through contracts, subject to the provisions and restrictions of the contracts; and all authenticated users of St. Lawrence University information assets. All third parties with access to the Institutions’ non‐public information must operate in accordance with a service provider contract containing security provisions consistent with the requirements promulgated under, but not limited to the Gramm‐Leach‐Bliley Act (GLBA), Family Educational Rights and Privacy Act (FERPA), New York State Information Security Breach and Notification Act, and the Payment Card Industry Data Security Standard (PCI‐DSS). New York Six Liberal Arts Consortium Colgate University, Hamilton College, Hobart & William Smith Colleges St. Lawrence University, Skidmore College, Union College 3 of 12 4.0 IMPLEMENTATION St. Lawrence University needs to protect the availability, integrity and confidentiality of data while providing information resources to fulfill our academic mission. The Information Security Program must be risk‐based. Implementation decisions must be made based on addressing the highest risk first. The University’s administration recognizes that fully implementing all controls within the NIST Standards is not possible due to organizational limitations and resource constraints. Administration must implement the NIST standards whenever possible, and document exceptions in situations where doing so is not practicable. 5.0 ROLES AND RESPONSIBILITIES The university has identified the following roles and responsibilities: 1) University President: The President is accountable for the implementation of the Information Security Program including: a) Security Policies, Standards, and procedures b) Security Compliance including managerial, administrative and technical controls. The President is to be informed
Load more

Recommended publications
  • Asst. Coach Mackenzie Williams
    Head Coach Gillian McDonald Asst. Coach Mackenzie Williams Student-Athlete Profiles The 2013 Gillian McDonald is in her eighth year as Mackenzie Williams is in her second year Caroline Clark the head field hockey coach at Hamilton as an assistant coach at Hamilton. Wil- Schedule College. McDonald has recorded 47 wins liams was a four-year starter at the Uni- Senior, Midfielder at Hamilton, including a team-record 13 in versity of Vermont, playing every position Larchmont, N.Y./Mamaroneck HS Sept. 4 at SUNY Oneonta 6 p.m. 2010. She guided the Continentals to the but goalie. She was a volunteer assistant Major: History Sept. 7 at Trinity * Noon 2011 NESCAC Championship quarterfi- coach for the varsity team at Rice High Sept. 11 UTICA 5 p.m. nals in their first year in the conference. School in South Burlington, Vt., in 2011. 2012: Started all 14 contests and tied Sept. 14 BATES * 11 a.m. Two of McDonald's players made the 2011 Williams scored seven goals and for second on the team in scoring with Sept. 21 at Connecticut College * Noon all-conference team. added six assists for 20 points in 70 five points ... Notched goals against Sept. 24 at Morrisville State 7 p.m. In 2010, Hamilton finished 13-3, includ- games at Division I Vermont. She kicked both Connecticut College and #15 Sept. 28 WESLEYAN * Noon ing 3-0 in overtime games. The Continen- off her college career by making the 2008 Trinity ... Recorded her first career Oct. 5 AMHERST * 11 a.m. tals finished second in the Liberty League America East Conference all-rookie team.
    [Show full text]
  • Trinity Tripod, 1989-12-06
    "IN. Community Unites to Discuss Bigotry Conrad Muhammad, Student Reaction Sources of Controversy the lecture and a dinner with the lecture. it either way, but I think that this [lecture)," said Rucci as he sur- I -Special to the Tripod- Muhammad, the proposed rally , "This is an affront against the is the best thing for the students." veyed the Washington Room to plan security coverage of the l,r__ for Unity at Trinity was postponed Black community here at Trinity, "We have every reason to *, Bigotry was the focus of a until Friday. (Please see "Unity as well as the Hartford commu- believe that outside groups could event. ' panel discussion held last Mon- Rally Postponed" below.) nity," said Wooden. "Atnophase cause a lot of problems at this t day in the Washington Room in Gerety said he could not dis- of the decision making process front of a audience of at least 500 close the name of any individual were we contacted, and once again students, faculty, and staff, groups, but said that he knew there we were alienated." i The forum, along with the were several organizations of "Tom Gerety could at least Unity Rally Postponed i tvents surrounding the upcoming different political and religious had the courtesy to to talk to the The rally will be held at 4 f Conrad Muhammad lecture, has backgrounds that were planning sponsoring organization before -Special to the Tripod- p.m. on the Cave patio. sent Trinity reeling. to protest or support Muhammad's the decision was finalized," said "This is the first step in the j Muhammad, amemberof the presence here.
    [Show full text]
  • Below Is a Sampling of the Nearly 500 Colleges, Universities, and Service Academies to Which Our Students Have Been Accepted Over the Past Four Years
    Below is a sampling of the nearly 500 colleges, universities, and service academies to which our students have been accepted over the past four years. Allegheny College Connecticut College King’s College London American University Cornell University Lafayette College American University of Paris Dartmouth College Lehigh University Amherst College Davidson College Loyola Marymount University Arizona State University Denison University Loyola University Maryland Auburn University DePaul University Macalester College Babson College Dickinson College Marist College Bard College Drew University Marquette University Barnard College Drexel University Maryland Institute College of Art Bates College Duke University McDaniel College Baylor University Eckerd College McGill University Bentley University Elon University Miami University, Oxford Binghamton University Emerson College Michigan State University Boston College Emory University Middlebury College Boston University Fairfield University Morehouse College Bowdoin College Florida State University Mount Holyoke College Brandeis University Fordham University Mount St. Mary’s University Brown University Franklin & Marshall College Muhlenberg College Bucknell University Furman University New School, The California Institute of Technology George Mason University New York University California Polytechnic State University George Washington University North Carolina State University Carleton College Georgetown University Northeastern University Carnegie Mellon University Georgia Institute of Technology
    [Show full text]
  • Mobile Device Policy
    POLICY : MOBILE DEVICES EFFECTIVE: 1-JULY-2016 CARETAKER : VICE PRESIDENT FOR LIBRARIES AND INFORMATION TECHNOLOGY 1.0 PURPOSE The purpose of this policy is to secure and protect St. Lawrence University information assets that may be accessed and stored on mobile devices. Mobile devices offer great flexibility and improved productivity for employees, but they can also create added risk and potential targets for data loss. This document describes St. Lawrence University’s requirements for securing the institution’s information on mobile devices. 2.0 SCOPE All employees, students, contractors and consultants must adhere to this policy. This policy applies to all university owned and personal mobile devices with access to St. Lawrence University’s information assets classified as sensitive or protected. St. Lawrence University considers mobile devices to be smart phones, tablets, or other types of highly mobile devices. Laptops are specifically excluded from the scope due to significant differences in security control options. 3.0 POLICY St. Lawrence University has established the following requirements for use of mobile devices based on ISO/IEC and NIST documented standards*. 3.1 USER AND TECHNICAL REQUIREMENTS Individuals and their devices accessing St. Lawrence University’s information assets classified as sensitive or protected are subject to the St. Lawrence University Mobile Device Standard. The user is responsible for the backup of their own personal data and St. Lawrence University is not responsible for the loss of data. New York Six Liberal Arts Consortium 1 of 3 Colgate University, Hamilton College, Hobart & William Smith Colleges St. Lawrence University, Skidmore College, Union College 4.0 ENFORCEMENT The institution may temporarily suspend or block access to any individual or device when it appears necessary to do so in order to protect the integrity, security, or functionality of institution and computer resources.
    [Show full text]
  • HAMILTON COLLEGE Student Handbook 2009-2010
    HAMILTON COLLEGE Student Handbook 2009-2010 Hamilton College reserves the right to change requirements, policies, rules and regulations without prior notice, in accordance with established procedures. Table of Contents Code of Student Conduct Guiding Principles………………………………………………………………………...………….. …8 Prohibited Conduct……………………………………………………………………...……………. …9 Judicial Procedures………………………………………………………………………...…………. …9 Point System……………………………………………………………………………..…………… ..14 Honor Code/Honor Court Constitution…………………………………………………...…………... ..16 Honor Code Statement……………………………………………………………………..…………. ..16 Academic Dishonesty………………………………………………….……………………………... ..16 Honor Court Constitution……………………………………………………………..……………… ..17 Appeals Board………………………………………………………………………………………… ..21 Alcohol and Illegal Drug Policy……………………………………………………...………………. ..23 Summary of New York States Laws Governing Alcohol………………………………………..…… ..23 General Policies………………………………………………………………………..…………….....23 Policy for Student-Sponsored Social Events with Alcohol……………………………..……………. ..24 Educational Programs…………………………………………………………...……………………. ..25 Illegal Drug Policy…………………………………………………………..………………..……… ..25 Harassment and Sexual Misconduct Policy…………………………...……………………………… ..28 Sexual Assault Compliance Statement………………………………………..……………………… ..37 Bias Crimes Compliance Statement………………………………………………..………………… ..40 Hazing………………………………………………………………………...………………………. ..41 Private Society Relationship Statement…………………………………………...………………….. ..42 Residential Life Staff, Facilities, and Regulations………………………..………………………….
    [Show full text]
  • Curriculum Vitae Jenessa Seymour EMPLOYMENT
    Jenessa Seymour 95 Woodrow Street • Springfield, MA 01119 (845) 242-3206 • [email protected] Curriculum Vitae Jenessa Seymour EMPLOYMENT Visiting Assistant Professor of Psychology Fall 2020- Present Skidmore College Psychology Department 2/3 course load Visiting Professor of Psychology Fall 2019-Spring 2020 Western New England University Psychology Department 4/4 course load Visiting Professor of Psychology Fall 2018-Spring 2019 Mount Holyoke College Psychology and Education Department 2/3 course load Visiting Assistant Professor of Psychology and Neuroscience Fall 2016-Spring 2018 Colgate University Psychological and Brain Sciences Department 2/3 course load Hired for 2016-17 academic year while completing dissertation, renewed for 2017-18 EDUCATION PhD in Neuroscience Graduated May 2017 Advisor: Gabriele Gratton University of Illinois at Urbana-Champaign (UIUC) Dissertation Title: “Neural systems supporting enhanced peripheral visual attention in deaf adults” BA in Psychology, summa cum laude State University of New York College at Potsdam (SUNY Potsdam) CV Jenessa Seymour 1 TEACHING Courses taught at Skidmore College: Intro Psychological Science Fall 2020 100 level requirement for psychology majors, and general education credit Broad introduction to the field of psychology. Taught online. Courses taught at Western New England University: Cognitive Psychology Spring 2020 200 level elective for psychology majors. Broad introduction to cognitive psychology. Statistics for Behavioral Sciences Fall 2019 & Spring 2020 200 level requirement for psychology majors. Provide foundational statistical knowledge, specifically aimed at behavioral research. Introduction to Psychology Fall 2019 100 level requirement for psychology majors, and general education credit Broad introduction to the field of psychology. Disability Culture and Sensory Adaptation Spring 2020 300 level elective for psychology and education majors.
    [Show full text]
  • Periodic Review Report Presented By: Hamilton College Clinton, New York June 1, 2016 Joan Hinde Stewart, President Most Recent Decennial Review: April 2011
    Periodic Review Report Presented by: Hamilton College Clinton, New York June 1, 2016 Joan Hinde Stewart, President Most recent decennial review: April 2011 Table of Contents Section 1: Executive Summary ..................................................................................................................... 4 Section 2: Institution Responses to the Previous Evaluation ........................................................................ 6 Introduction ............................................................................................................................................... 6 Mission and Goals..................................................................................................................................... 6 Leadership, Governance, and Administration ........................................................................................... 9 Integrity ..................................................................................................................................................... 9 Admission, Retention, and Support Services .......................................................................................... 10 Faculty and Educational Offerings ......................................................................................................... 11 Section 3: Current Status – Challenges and Opportunities ......................................................................... 14 Leadership Change .................................................................................................................................
    [Show full text]
  • Guillermina Seri Department of Political Science 113 Lippman Hall Union College 807 Union St., Schenectady, New York, 12308 [email protected]
    Guillermina Seri Department of Political Science 113 Lippman Hall Union College 807 Union St., Schenectady, New York, 12308 [email protected] CURRENT AND PAST POSITIONS Fall 2015- Latin American and Caribbean Studies (LACS) Director Fall 2013- Associate Professor, Department of Political Science, Union College Fall 2007- Spring 2013 – Assistant Professor, Department of Political Science, Union College 2006-07 Visiting Assistant Professor, Peace and Conflict Studies, Colgate University 2005-06 Postdoctoral Fellow, Peace and Conflict Studies, Colgate University Two last positions in Argentina: 1997-2000. Professor, Master in Social Sciences. National University of Catamarca 1997-2001. Assistant Professor. Political theory. National University of Entre Ríos EDUCATION Ph.D. Political Science, University of Florida. August 2005 (Double Major: Comparative Politics and Political Theory). Dissertation: “Policing and Democracy: The Influence of Narratives on Police Discretion.” M.A. Social Sciences (Major: Methodology), FLACSO, Buenos Aires, 1998. Thesis: Acerca de los usos estatales del terror. Una indagación en el contexto argentino [On state uses of terror: An exploration of the Argentine case] Licenciada en Ciencia Política (5-year program, 36 year long courses in Political Science), Universidad Católica de Córdoba, Argentina, 1986. FORTHCOMING/WORK IN PROGRESS: -(Forthcoming) (co-authored with Mary Rose Kubal): “How Policy Fields are Born: The Rise of Democratic Security in Argentina,” Journal of Latin American Studies. -Police Abuse in Democracy (Book, co-edited with Michelle Bonner, Mary Rose Kubal, and Michael Kempa) (Manuscript under review). -(co-authored with Jinee Lokaneeta): “Police and State. Governing Citizenship through Violence.” (Book chapter, in Police Abuse in Democracy). -For the Common Good: Unlawful Governance in Democracies – (Book manuscript; Expected completion: Winter 2018).
    [Show full text]
  • Colleges & Universities
    Bishop Watterson High School Students Have Been Accepted at These Colleges and Universities Art Institute of Chicago Fordham University Adrian College University of Cincinnati Franciscan University of Steubenville University of Akron Cincinnati Art Institute Franklin and Marshall College University of Alabama The Citadel Franklin University Albion College Claremont McKenna College Furman University Albertus Magnus College Clemson University Gannon University Allegheny College Cleveland Inst. Of Art George Mason University Alma College Cleveland State University George Washington University American Academy of Dramatic Arts Coastal Carolina University Georgetown University American University College of Charleston Georgia Southern University Amherst College University of Colorado at Boulder Georgia Institute of Technology Anderson University (IN) Colorado College University of Georgia Antioch College Colorado State University Gettysburg College Arizona State University Colorado School of Mines Goshen College University of Arizona Columbia College (Chicago) Grinnell College (IA) University of Arkansas Columbia University Hampshire College (MA) Art Academy of Cincinnati Columbus College of Art & Design Hamilton College The Art Institute of California-Hollywood Columbus State Community College Hampton University Ashland University Converse College (SC) Hanover College (IN) Assumption College Cornell University Hamilton College Augustana College Creighton University Harvard University Aurora University University of the Cumberlands Haverford
    [Show full text]
  • Symposium Program
    KNAC Student Astronomy Research Symposium All sessions are in Science Center 101 Breakfast/coffee 8:15–9:00 Session 1: 9:00–10:30 A Survey of the Discrete X-ray Source Population of M51 Catherine Martlin, Swarthmore College and Greg Schulman, Wesleyan University/Clark University Multiplicity of High-z SMGs David Ball, Whitman College Discovery of Compact Quiescent Galaxies at Intermediate Redshifts in DEEP2 Kirsten N. Blancato, Wellesley College Exploring the Properties of Radio-Faint Quasars: Loudness and Reddening Kathryn Kooistra, Muhlenberg College Optical Variability of the Blazar BL Lacertae During Summer 2014 Katie Karnes, Colgate University, and Anneliese Rilinger, Williams College The Optical and Radio Variability of the Blazar 3C 454.3 Luna Zagorac and Zachary Weaver, Colgate University Break and poster viewing: 10:30–10:50 Session 2: 10:50–12:15 Examining Social Movements within the Context of Space Astronomy Policy and their Implications for New Models of the Academic Research Cycle Hannah E. Harris, Wellesley College Protoplanetary Disks in Chamaeleon I Lindsay DeMarchi, Colgate University Constraining Dust Properties in Dense Molecular Cloud Cores Trevor Dorn-Wallenstein, Wesleyan University; Carolyn Morris, Colgate University; Angelica Rivera, Vassar College; Gregory Zengilowski, Colgate University Surveying White Dwarfs for Transiting Exoplanets Girish Duvvuri, Wesleyan University Detection of the Slope of Rayleigh Scattering Using HYDRA Coady Read Johnson, Wesleyan University Resolving the Dusty Debris Disk of 49 Ceti
    [Show full text]
  • Oak Knoll School of the Holy Child
    Oak Knoll School of the Holy Child Colleges attended by graduates in the Classes of 2014-2018: American University Princeton University (4) Amherst College (2) Providence College (6) Bard College Quinnipiac University Barnard College Reed College Boston College (13) Saint Joseph’s University, Pennsylvania (3) Boston University (2) Salve Regina University Bowdoin College (2) Santa Clara University Bucknell University (6) Skidmore College (4) Carnegie Mellon University Southern Methodist University (3) Clemson University (2) Stanford University (4) Colby College Stetson University Colgate University (9) Stevens Institute of Technology College of the Holy Cross (20) Syracuse University (2) Columbia University (2) Texas Christian University Connecticut College (2) Trinity College (2) Cornell University (3) Tulane University (4) Davidson College (3) United States Military Academy Denison University University of Alabama Dickinson College (3) University of California, Berkeley Drexel University (2) University of California, Los Angeles Duke University (5) University of Colorado, Boulder Elon University (3) University of Delaware (2) Emerson College (2) University of Edinburgh (2) Emory University (2) University of Georgia Fairfield University (2) University of Maryland, College Park Fordham University (11) University of Miami (2) George Washington University (4) University of Michigan (6) Georgetown University (12) University of Mississippi Gettysburg College University of North Carolina, Chapel Hill Hamilton College University of Notre Dame
    [Show full text]
  • CSS/Financial Aid PROFILE® Student Guide
    2014-15 School Year CSS/Financial Aid PROFILE® Student Guide This guide provides the basic information you need to complete your PROFILE application at https://bigfuture.collegeboard.org beginning Oct. 1, 2013. WHAT is the PROFILE? The PROFILE is an online Information to have available when you application that collects information used by certain register: colleges and scholarship programs to award institutional • Type of tax return you and your parent(s) will file for the aid funds. (All federal funds are awarded based on the current year (e.g., 1040, 1040 EZ, foreign return) FAFSA, available after Jan. 1 at www.fafsa.ed.gov.) Some • If your parents receive TANF (Temporary Assistance for colleges may require additional information, such as tax Needy Families) or SSI (Supplemental Security Income) • If your parents are self-employed or own business(es) returns or an institutional application. If your parents are and/or farm(s) divorced, some colleges will also require your noncustodial • Your parents’ housing status (e.g., own, rent) parent to complete the Noncustodial PROFILE. • Your personal information, including your Social Security WHEN do I file the PROFILE? You may file the number PROFILE as early as Oct. 1, 2013. However, you should Once you register, you will find detailed instructions and an extensive Help Desk, including Frequently Asked Questions, file no later than two weeks before the EARLIEST priority online. filing date specified by your colleges or programs. WHO must file the PROFILE? Check your colleges’/programs’ The Process: Three Easy Steps information to determine whether they require the PROFILE. A 1.
    [Show full text]