Information Security

Information security is everyone's job at Brockport, not just a select few. We have adopted basic practices for safeguarding customer information that we expect every employee to follow.

Main Page Content

If you observe practices in your area that do not live up to these standards, you should first speak with a supervisor. If the matter is not resolved, please contact the information security staff in LITS.

We have adopted enhanced practices for certain types of sensitive information.

Credit Cards

In order to accept credit cards, the College must meet the Data Security Standards set by the Payment Card Industry. We have adopted policies for the protection of credit card information.

Secure Destruction of Electronic Devices

Library, Information and Technology Services is charged with responsibility for the entire lifecycle of College-owned technology devices, such as computers, cell phones and other digital storage devices (USB drives). Technology that is end-of-life should be sent to LITS so that its digital content will be destroyed prior to the recycling of the physical media.

Passwords

In order to safeguard our systems, we establish password practices and standards which serve to uniquely identify our staff. Be sure to keep your passwords safe and secret at all times.

Document Retention and Information Security

The College operates under a document retention and disposition policy which ensures we retain information only as long as we have a legitimate business or regulatory need for it. We cannot lose information which we no longer possess, so all staff should familiarize themselves with these practices and understand how they applie to their professional responsibilities.

Information Security Staff

The College has appointed the Collegewide Information Security Oversight Committee to coordinate overall information security efforts. If you have any questions or need assistance please reach out to our Information Systems Security Coordinator at InfoSec@brockport.edu.

Office 365 Email

Did someone complain to you that their email message was rejected by Microsoft? If so, please let them know that they may need to contact Microsoft to be "delisted". The easiest way to make this request is to complete the following form.

https://sender.office.com/

Data Risk Classification

We are committed to protecting college owned electronic information. That is why we are starting a program that will allow us to follow data classification standards. These standards will allow us to identify risk levels. Normally, data risk classifications consist of three categories: low risk, moderate risk, and high risk.

 Low Risk  Moderate Risk  High Risk
  • Public Announcements
  • Meeting Minutes
  • Student Grades
  • Meeting Minutes 
  • BannerID
  • Date of Birth
  • Software Product Keys
  • Social Security Number
  • Credit Card Number
  • Driver’s License Number
  • Medical Record Numbers
  • Health Plan Beneficiary Numbers
  • Account Numbers
  • Intellectual Property – owned by College at Brockport
  • BannerID+DOB+Student Grades in one document.

 

Before processing, transmitting, or storing high risk information, please verify that the software or service you are using is authorized. Please feel free to call the Information Security department at extension 5072 for further clarification.

Awareness

RSS Latest viruses and spyware

Last Updated 3/22/18

Close mobile nav