The Goldey-Beacom College (GBC) Information Security Policy is designed to protect all information resources (as defined below) essential to performing the College business. These are College assets over which the College has both rights and obligations to provide reasonable physical, administrative, and technical safeguards that:
The Vice President for Operations and Planning and the Dean of Information Technology are the designated GBC compliance officers for Goldey-Beacom College with regards to this policy.
For the purpose of this policy, information resources refer to:
Information Security is the protection of information resources against unintended uses. This includes, but is not limited to, protection against:
This policy applies to all Goldey-Beacom students, faculty and staff. This policy also applies to anyone who has access to or uses any Goldey-Beacom College information resources. Contractors performing work for Goldey-Beacom College that involves any information resources must also meet the requirements of this policy.
This policy is meant to be consistent with all other College policies. In the event that state or federal law, regulation or local policy imposes more specific or more stringent requirements than are required by this policy, the law, regulation or policy shall take precedence.
College employees/contractors are granted access to those information resources required to carry out the responsibilities of their position. It is prohibited for any College employee/contractor to knowingly damage or misuse computing resources or data.
Access capabilities/restrictions apply to all information resources as defined above. Safeguards are taken to ensure the security of the resources and to maximize the integrity of the information.
Access privileges are determined based on the duties and responsibilities of each position. Users with access privileges are assigned an access username. Use of another person’s access username is prohibited.
Users are individuals who access and use College electronic information resources. Without exception, all members of the College community are “users” of Goldey-Beacom’s information resources. Users must:
The Chief Information Officer, with the advice and consent of the Vice President for Operations and Planning, shall publish and enforce guidelines for users relating to physical security, logical security, passwords, software and patches, data backup, viruses, remote access and other topics critical to the information security posture of Goldey-Beacom College.
Data and information that are owned by Goldey-Beacom College must be protected to ensure the rights of Goldey-Beacom College, its students, faculty and staff are safeguarded. These safeguards are required, in some cases, by law, in some cases by college policy, and in some cases by high ethical standards.
This Policy applies to all College information resources, including those used by the College under license or contract. “Information resources” include information in any form and recorded on any media, and all computer and communications equipment and software.
All information covered by this Policy is assigned one of three classifications depending on the level of security required. In decreasing order of sensitivity, these classifications are Confidential, Internal Use Only, and Unrestricted. Information that is either Confidential or Internal Use Only is also considered to be restricted.
This classification covers sensitive information about individuals, including information identified in the Staff Personnel Policy Manual and Faculty Policy and Resource Manual, and sensitive information about the College. Information receiving this classification requires a high level of protection against unauthorized disclosure, modification, destruction, and use. This information must not be downloaded, copied, or transmitted to any information resource which is not controlled/secured by the College. Specific categories of confidential information include information about:
This classification covers information that requires protection against unauthorized disclosure, modification, destruction, and use, but the sensitivity of the information is less than that for confidential information. Examples of Internal Use Only information are internal memos, correspondence, and other documents whose access/distribution is limited as intended by the employee’s position.
This classification covers information that can be disclosed to any person inside or outside the College. Although security mechanisms are not needed to control disclosure and dissemination, they are still required to protect against unauthorized modification and destruction of information.
Information that is not classified explicitly is classified by default as follows: Information falling into one of the Confidentiality categories listed above is treated as Confidential. Other information is treated as Internal Use Only unless it is published (publicly displayed in any medium), in which case it is classified as Unrestricted.
It is a violation of this policy to:
Goldey-Beacom College reserves the rights to:
All members of the Goldey-Beacom College community will report violations or suspected violations of this policy to the Chief Information Officer at the following e-mail address: [email protected]. Alternatively, violations or suspected violations may be reported to the Vice President for Operations and Planning. Information Technology staff, who become aware of a potential or suspected violation of this policy through the normal course of their work, are required to inform the Chief Information Officer of the event. The Chief Information Officer with the advice and consent of the Vice President for Operations and Planning may, if appropriate, report violations of this policy to law enforcement.
Anyone found to have violated this policy will be sanctioned using the processes found in existing Goldey-Beacom College policy and employment contracts where applicable.
This policy will be reviewed and updated as needed, at least annually, based on the recommendations of the Office of Information Technology and the Vice President for Operations and Planning.
Ready to begin your journey?
Complete a free application today.
Goldey-Beacom College is a Equal Opportunity Employer/Program. Auxiliary aids and services are available upon request to individuals with disabilities.
Text Telephone/Teletypewriter (TTY) Relay Service: 711 or 800-232-5460 for English or 877-335-7595 for Spanish