 |
Information Technology Security Policy
In order to provide the SDSU community the type connectivity and support it expects, and in light of recent events, security has become one of the top priorities of this institution. In the following statements the SDSU Security Committee conveys the basic tenets that need to be followed by all in our community.
- Passwords to access technology assets are a very necessary part of security. Please take this seriously. Hackers have published booklets on common types of passwords that are used such as "password", "family member's names", "telephone, street address, birth dates, Social Security number". The other thing users often do is tape their passwords to their monitor, slide out drawer in the desk, under the keyboard or on a check sheet on the wall. Please avoid these mistakes and take the use of a password seriously.
- Each network user on campus is required to have a unique network ID in order to access the network. Generic accounts will not be allowed access to the network. Generic accounts are a security hole and a liability for every user associated with that account. If malicious activity occurs from a generic account, everyone with access to that account is responsible.
- Leaving your office unlocked and your computer logged in creates an insecure environment. When you leave your office, log out of your computer, have a security screen saver engage if the keyboard is not touched for five minutes, or block access by locking your computer using "Ctrl + Alt + Delete" keys and select "Lock Computer". Locking the physical door to the room also is a great help to security.
- E-mail security is a significant concern. Contrary to popular thought, E-mail is a public communication tool. Please do not put sensitive information in E-mail that you do not want the public to possibly know. Remember also, that this is a public institution and therefore E-mail messages belong to the University.
- Anti-virus protection is required. It is a fact of modern computing that there are people writing very destructive or at least very time-impacting programs to disrupt everyone?s day. Please make sure you have SDSU?s approved anti-virus program installed and running on your computer with the latest update.
- Data security for desktop data must be considered. This data could be grades, account information, budgets, course materials, or web pages. Having this information secure is important. If the data is very sensitive, investigate file encryption and password protection. A rule of thumb is if you can?t afford to lose data, back it up three times. Once to your machine, once to the network and once to storage that you can secure off site. In all cases make sure you secure your data.
The full SDSU User Security Policy document is available at in paper copy upon request from Computing Services, 688-6136. It further explains these tenets in greater detail, and other security issues including: Network security Remote Access Equipment Security Workstation software and hardware Security Misuse of Computer Resources Reporting Security Breaches Penalty for Violation of Security Policy. Remember technology security is an individual's responsibility as a contributing member of the SDSU community. If you have a question about the policy contact the Office of Information Technology. If the question is about security needs or concerns contact the SDSU Support Desk at 688-6776.
|
|
