Normandale Community College Policies and Procedures

5.23 Security and Privacy of Information Resources

MnSCU Board Policy 5.23: Security and Privacy of Information Resources

MnSCU Guideline Password Usage and Handling

MnSCU Guideline Encryption for Mobile Computing and Storage Devices

MnSCU Guideline Data Sanitization

MnSCU Guideline Information Security Incident Response

MnSCU Guideline Security Patch Management

MnSCU Guideline Vulnerability Scanning

MnSCU Guideline Anti-malware Installation and Management

MnSCU Guideline Payment Card Industry - Technical Requirements

Purpose: To protect the security and privacy of its information resources and to make information accessible as required by law in accordance with MnSCU Board Policy 5.23.

Part 1: Purpose

Subpart A: Security and Privacy. The purpose of this policy is to protect the security and privacy of College data and resources while providing fair and distributed access to computing and network facilities for the entire community of users.

Subpart B: Establishing Procedures. The College will establish procedures as needed to address the MnSCU Guidelines for Board Policy 5.23.

Part 2: Scope

Subpart A: Procedures. Procedures associated with this policy include, but are not limited to: security and privacy, consistency with Minnesota Statutes section 43A.38 and other applicable law; monitoring; unauthorized uses and other limitations on use.

Subpart B: Applicability. This policy applies to all users of system/technology information resources; and to all system/technology information resources in any form or storage media, wherever located.

Policy History:

Date of Adoption: Established prior to 2011

Date of Implementation:

Date and Subject of Revisions:

Next Review Date: 2016-17