Policy No. 408

Adopted: 4/23/96
Reviewed: 6/24/08

Description: Safeguarding of Information

ITS shall be responsible for maintaining proper backup copies of all college software, and of all institutional and user files on central college systems.

Departments shall be responsible for maintaining proper backup copies of departmental information on computers in department offices.

Technology users shall be responsible for maintaining proper backup copies of information on computers allocated or loaned to them.

ITS shall be solely responsible for the management of software security systems and the creation and removal of user accounts and passwords on all systems that have security features.

Access to college technologies protected by user IDs and passwords shall be provided through the cooperation of a system coordinator and ITS. ITS shall create new user accounts with the detailed access privileges specified by the system coordinator.

Account holders shall be responsible for the security of their user IDs and passwords. User IDs must never be shared with others. Passwords suspected of being compromised shall be changed immediately. Users shall be held personally responsible for all activities performed under authority of their user IDs.

ITS shall be responsible for the physical security of shared technology and technology in public areas, e.g. computer labs, shared printers, faculty work areas, kiosks.

Departments and technology users shall be responsible for the physical security of technology allocated or loaned to them.

Users of technology should be aware that while college computers, information systems, and "private" files on shared storage, are protected by passwords and physical barriers, they are not protected from access by those who manage passwords, access codes, or physical keys to door locks. Being charged with management of security systems implies a granting of trust as well as responsibility.

Users should also be aware that most computer networks are not secure. Information flowing across them can be decoded and read by others who are clever and unscrupulous enough to exert the great effort required.

ITS is committed to the highest standards of professionalism and ethics in protecting and managing confidential and private information in its care. ITS shall revoke access to systems in cases of misuse or possible security breaches, for the express purpose of maintaining the reliability of systems and the integrity of information.

See Also:

Policy No. 803: Code of Ethics for College Employees
Policy No. 845: Rule Violation

Policy No. 845, Supplement 1: Records Privacy Statement

 

Back to the Policies and Procedures Main Menu