Personal tools
You are here: Home On Campus Technology Technology on Campus Information Security Awareness Program

Information Security Awareness Program

— filed under:

Overview of The Program

The Information Security Awareness Program is intended to educate the campus community about the inherent risks of the confidentiality, integrity, or availability of systems & data, and how you can do your part to help protect these systems & data.  This program's primary objective is to reduce the risks of a security breach. Click the following link for instructions to complete the Acceptable Use of Technology: Acceptance Process now.

What is Information Security?

Information Security is the people, policies, processes, and technologies (hardware & software) associated with:

  • Identifying/assessing information-related assets, risks, vulnerabilities, targets and threats
  • Preserving & protecting information-related assets against unauthorized access, theft, alteration, or destruction
  • Detecting and investigating abuse of information-related assets
  • Protecting personal privacy
  • Recommending solutions to reduce risk and liability

Information Security Program

The senior leadership of Cincinnati State recognizes that information security is a management opportunity rather than a technical problem. To this end, full commitment shall be demonstrated by providing a supportive framework that utilizes the college departmental management structure to disseminate this policy and promote a security culture.

The main components of the College’s Information Security Program are:

  • Information Security Council - This council’s charge will be to approve the Information Security Program and all policies, procedures, and standards; it will also review new information security topics
  • Information Security Policy – These policies establish security controls for the college
  • Information Security Standards – More detailed guidance regarding the specific technical areas that are affected by PCI and information security; the following is a link to an example of a standard
  • Change Management Process – Governs and manages all ITS changes within the Cincinnati State ITS environment; the Change Management Council is charged with managing and enforcing all ITS changes
  • Vulnerability Management Process – An ongoing self-assessment and remediation process has been created to address threats and vulnerabilities to the ITS environment
  • Logging & Monitoring Program – A method to securely log activity on PCI (Payment Card Industry) in scope devices at Cincinnati State; logging and monitoring will also be extended to other devices outside the PCI scope
  • Information Security Awareness Program – This program will provide awareness and workshops to educate the campus on issues related to information security.  This document outlines the awareness program.

 Use the following link to review the full Information Security Program Governance Policy document.

What is Information Security Awareness?

Information security awareness is educating the campus community about the inherent risks of the confidentiality, integrity, or availability of systems & data, and how we all can protect these systems & data.

Audience

This program applies to anyone who accesses any of the Cincinnati State networks.  They include:

  • Employees (full and part-time)
  • Students
  • Consultants, Contractors, Vendors

Overview

The Information Security Awareness Program will consist of the following components.

  • Acceptable Use of Technology: Acceptance Process: This contains an acceptance process to ensure the campus community understands and accepts the Acceptable Use of Technology Policy. It also contains policies, procedures, standards, training schedule, etc.
  • Information Security Awareness Program Guidelines (this website)
  • Information Security Awareness Information Sessions: On a recurring basis, ITS will conduct brief and concise face-to-face awareness information sessions regarding information security topics
  • Are You Aware of IT?: Daily News “be aware” topics (coming soon!)
  • Information Security Awareness Month: October is the National Cyber Security Awareness Month.  ITS will conduct weekly awareness sessions to cover a variety of topics.

Acceptable Use of Technology: Acceptance Process

To help protect our systems and data, it is important that the Cincinnati State community understand and acknowledge the Acceptable User of Technology policy.  Every employee (full & part-time), consultant, contractor, and vendor who has access to Cincinnati State systems should complete this process annually. This acceptance process should take less than 20 minutes to complete.  Click Acceptable Use of Technology for instructions on accepting the policy now.

Information Security Awareness Program Guidelines

As stated above, information security awareness is educating the campus community about the inherent risks of the confidentiality, integrity, or availability of systems & data, and how we can protect these systems & data.

End users are the largest audience in any organization and are the single most important element to reduce unintentional errors and IT vulnerabilities. The following (Table 1 below) is a list of specific guidelines (topics) that will define terms and concepts to help you, as a member of the College, to do your part in keeping our systems & data secure.

From the table below (Table 1), click the appropriate image/link to select the method you would like to use to learn more about these information security awareness guidelines.

Guideline
Document Video

Sensitive Data

PDF Image
Document
YouTube Image
Video

Staying Safe & Secure Online

PDF Image
Document
YouTube Image
Video

E-Mail Security

PDF Image
Document
YouTube Image
Video

Mobile Devices

PDF Image
Document
YouTube Image
Video

Username & Password Security

PDF Image
Document
YouTube Image
Video

Off-Campus/Remote Access

PDF Image
Document
YouTube Image
Video

Networks

PDF Image
Document
YouTube Image
Video

Acceptable Use of Technology

PDF Image
Document
YouTube Image
Video
Document Actions
CincinnatiState.edu    Site Map    Accessibility    Privacy Statement    Glossary    Driving Directions    Campus Map    
© 2009-2014 Cincinnati State Technical and Community College     All rights reserved.