Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Awareness Norfolk State University Policies.

Published byBritton Day Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Awareness Norfolk State University Policies."— Presentation transcript:

1 Security Awareness http://security.nsu.edu http://security.nsu.edu Norfolk State University Policies

2 Security Awareness: Policies NSU policies are available from: http://www.nsu.edu/policies Policy 60.201: Acceptable Use of Technology Resources Policy 62.002: Computer Systems Passwords http://www.nsu.edu/oit/policies Policy 61.002: Electronic Data Privacy and Ownership Policy 62.001: Continuity of Operations Disaster Recovery Plan http://www.nsu.edu/forms Resource Authorization Request / OIT Request Form & Information Security Access Agreement

3 Security Awareness: Policies Policy 60.201: Acceptable Use of Technology Resources Describes standards for using the University resources. States that activities can be monitored. States what types of use or access are authorized or not authorized. Examples: material covered by law not permitted obscene, inflammatory, or objectionable not permitted Do not allow access to unauthorized persons equipment removal external equipment downloading and causing too much traffic

4 Security Awareness: Policies Policy 60.201 (Continued) Privacy (or rather, no expectation of) Commonwealth policy Electronic communications can be forwarded without users knowledge Viewed or downloaded material/information University is not responsible Use caution Protect NSU assets

5 Security Awareness: Policies Policy 60.201 (Continued) User Responsibilities include (some, not all): You represent NSU Operate in an ethical manner Maintain security use for approved purposes Respect

6 Security Awareness: Policies Policy 60.201 (Continued) Network Accounts used for university business maintain privacy and security of account information Some Prohibited items are: logging onto more than one computer sharing passwords introducing Virsuses, worms permitting unauthorized persons access

7 Security Awareness: Policies Policy 60.201 (Continued) University records email is for delivery up to users to deem what is retained or archived Violations will be handled According to state policy According to Vice President or designee Interpretation is according to the VP of Research and Technology

8 Security Awareness: Policies Policy 62.002: Computer Systems Passwords Guidelines Used to access network, email, etc… Creation: complex, not easy to guess (dog, son, car, etc..) At least 8 characters Mix upper & lower case letters, numbers and special characters Not a word or name

9 Security Awareness: Policies Policy 62.002: (Continued) Protection: change IFAS/DataTel pw every 30 days change network pw every 12 months use a passphrase do not write it down Do not use it on non-NSU systes Do not share it Treat as confidential

10 Security Awareness: Policies Policy 62.002: (Continued) Assessment Random assessments of passwords Violations handled according to VP

11 Security Awareness: Policies Policy 61.002: Electronic Data Privacy and Ownership It is everyone’s responsibility to protect and maintain university data Any data required to conduct university business and operation Public use data for public use Internal use not available to anyone outside the university Highly sensitive data is data based on legal specifications, law, or any other data that needs to be protected Protect data for those that conduct business with the university

12 Security Awareness: Policies Policy 61.002: (Continued) Authorized use Limit Access Safeguard SSN Departments are responsible for reviewing and monitoring internal policies Exercise caution and care

13 Security Awareness: Policies Policy 62.001: Continuity of Operations Disaster Recovery Plan Password protected to ensure security Describes the procedures for restoring operation in the event of disaster as soon as possible Contains possible scenarios Contains list of servers and network equipment and the type of equipment each is If restoration is needed, the order of restoration is included

14 Security Awareness: Policies Policy 62.001: (Continued) Management Team makes decisions and directs recovery Damage Assessment Team determine extent of damage Recovery Team determine assets needed conduct recovery Contact information for team members, contractors and vendors

15 Security Awareness: Policies Policy 62.001: (Continued) Backup procedures Risk Assessment and planning Restoration procedures

16 Security Awareness: Policies Resource Authorization Request / OIT Request Form & Information Security Access Agreement All users must have one Agreement with university to abide by policies, laws and procedures New users use this to get accounts for necessary access Get access to additional resources Needs supervisor signature

Download ppt "Security Awareness Norfolk State University Policies."

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
Woodland Hills School District Computer Network Acceptable Use Policy.

Woodland Hills School District Computer Network Acceptable Use Policy.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Information Security Awareness April 13, 2003. Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.

Information Security Awareness April 13, Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.
Boyertown Area School District Acceptable Use Policy.

Boyertown Area School District Acceptable Use Policy.
Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?

Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?
2010-2011 SANTA ROSA DISTRICT SCHOOLS E-Mail, Internet, and Social Media Acceptable Use and Risk Policy 1.

SANTA ROSA DISTRICT SCHOOLS , Internet, and Social Media Acceptable Use and Risk Policy 1.
Information Security Policies and Standards

Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.

SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.

University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?

Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?
ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.

ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT

Similar presentations

Ads by Google