The Washington University Office of Information Security maintains a sustainable information security program supporting the vital work of education, research, and clinical care while also protecting our systems and users’ security. We can only achieve strong information security for all if we each take personal responsibility for ensuring our systems’ security. We continuously improve our systems and strategies to meet our diverse users’ needs, and we regularly update our policies to reflect changes in the information security landscape.
We always craft our policies with an eye toward trends and issues affecting our campus security, resources, and personal devices that may use our university infrastructure. In addition to continuously monitoring our information systems’ health and regularly reviewing our policies, we engage in direct outreach with our campus throughout the month of October by participating in Cybersecurity Awareness Month. During Cybersecurity Awareness Month, we offer events, activities, and resources to help our campus community stay informed and empowered in the ever-changing information security landscape. Please visit our Cybersecurity Awareness Month page at https://informationsecurity.wustl.edu/csam-2020/ or follow us on Twitter (@WUSTL_InfoSec) for details about the month’s activities.
Below, please find a list and brief description of a few of our new and existing policies. The full text of these and other policies are available at https://informationsecurity.wustl.edu/ .
- Personal Device Security Policy:
- This policy contains guidance for setting up and using your personal device to access, create, host, and transmit confidential or protected information. https://informationsecurity.wustl.edu/policies/personal-device-security/
- Incident Reporting Policy
- This policy details when and how to report a security incident to your IT Service Desk or Security Liaison, and to the Office of Information Security. https://informationsecurity.wustl.edu/policies/incident-reporting-policy/
- Computer Use Policy
- This policy protects the integrity of the WashU information systems, including computing and networking resources. The policy includes specifics about using these resources, data privacy, accessing WashU secure systems, credentials and authentication, the use of personal devices, and the misuse of resources. Additionally, this policy outlines WashU’s rights regarding computer use, including regulating access to systems, monitoring, enforcing security controls, reporting, investigating policy violations, and imposing sanctions for violations. https://informationsecurity.wustl.edu/policies/computer-use-policy/
If you would like to contact the Office of Information Security about our policies or other issues, please send an email to firstname.lastname@example.org or call us at 314-747-2955. If you would like to make an anonymous report to the Washington University Compliance Office, please send an email to email@example.com or call 314-362-4954. Please visit https://informationsecurity.wustl.edu for more information about our office and follow us on Twitter at @WUSTL_InfoSec.