The Washington University Office of Information Security strives to build a sustainable information security program that supports the vital work of education, research, and clinical care while also protecting the security of our systems and users. Information security is important to every member of our community, and we all share personal responsibility for ensuring the security of our systems. We continuously improve our systems and strategies to meet the needs of our diverse users, and we have recently revised and updated our policies to reflect changes in the information security landscape.
All policies pertaining to information security are available at informationsecurity.wustl.edu. Our policies are always created with an eye toward trends and issues that affect the security of our campus and its resources, as well as the security of personal devices that may use our university infrastructure. The list below describes a few of our new and existing policies:
Personal Device Security Policy
One example of the sort of guidance you will find on our website is our Personal Device Security Policy. This policy contains guidance for how to set up and use your personal device to access, create, host, and transmit confidential and/or protected information.
Information Security Training and Awareness Policy
Our Information Security Training and Awareness Policy includes details of how we work with Human Resources, departments, and schools to provide security training around a variety of topics related to information security. We expect to see much development in this area over the coming year with the addition of a full-time team member who is focusing on communications for our office.
Roles and Responsibilities Policy
You will find the hierarchy of governance related to information security along with a breakdown of the responsibilities of specific offices in our Roles and Responsibilities Policy.
If you would like to contact the Office of Information Security about our policies or other issues, please send an email to firstname.lastname@example.org or call us at 314-747-2955. If you would like to make an anonymous report to the Washington University Compliance Office, you can send an email to email@example.com or call 314-362-4954. Please visit informationsecurity.wustl.edu for more information about our office and follow us on Twitter at @WUSTL_InfoSec.