New and Updated Information Security Standards

Dec. 19, 2017

The Information Security Office has worked with campus stakeholders to develop two new standards and revise another standard to provide appropriate guidance in following best security practices. 

The new standards are:

  1. Endpoint Encryption Standard (IS-S303):  Created to provide guidance on protecting University data, especially Regulated and Confidential Data, as defined in the University’s Data Classification and Handling Standard (IS-S302).
  2. Security Awareness and Training Standard (IS-S401):  Defines security awareness training requirements for University employees (including student employees) and Designated Campus Colleagues who have access to University information assets.   

 The revised standard is: 

  1. Manager Information Security Standard (IS-S400):  Updated to provide more detailed information on best practices for supervisors to ensure that they have done their due care in securing University resources related to personnel changes.

If you have any questions, please contact the Information Security Office at 621- 8476 or