Information Protection and Security

 The Change Management procedure controls any additions, deletions, or modifications to the department configuration of desktops, servers and network hardware and/or software.

This guide is intended as a security-centric addendumto the Guide to Information Technology for Academic and Administrative Units.  Please also reference the OIT Standards for Management of Computer Systems.

No computer or workstation is immune to compromise. University information and network assets are of significant value and protecting them is the responsibility of everyone handling these assets. Every department is expected to develop a security plan.

 An Intrusion Detecton System (IDS) gathers and analyzes information from various areas within a computer or netowrk to identify possible violations of security policy, including unarthorized access as well as misuse.

 The following are best practice answers for questions your department administration should be asking related to department IT security.

 The following are questions that Deans, Directors, Chairs and Administrators should be asking their IT staff relative to IT security.  

 IT Security starts with a physical machine secured by an authorized user.  If an unautherized person can sit down at a computer it is only a matter of time before that person can use that computer to compromise your account.