Data Awareness & Management of Institutional Data

Procedures

• Data privacy and security info graphic card (PDF) is distributed to all current and new faculty and staff. This card is reviewed annually and revised as needed.
• IU IT Policy IT-07, Privacy of Electronic Information and Information Technology Resources will be posted at Service Desk locations
• Incident Response Policy text will be posted in College-occupied buildings
• Privacy newsletter published to College email distribution list quarterly
• All College IT group members will use the CAS+Duo authentication option for CAS-protected resources
• All College IT group members will review university and College IT policies at least annually
• Anti-Phishing training will be conducted annually and for new hires
• Critical Data is stored only on approved devices and transferred across the network only with strong encryption
• All College laptops are must be setup with full disk encryption before being released to end users
• Backups of central file servers are sent to UITS backup services with encryption.
• Approval to access critical and restricted data will be documented internally per College IT Operating Procedures: Problem Resolution and Service Desk including appropriate approvals.