Kansas State University

search

IT News

Tag: security policy

New IT security policy requires removal of data before disposing of media

Posted on by Harvard Townsend (harv@ksu.edu)

To protect sensitive university data from unauthorized disclosure when the media that stores the data is disposed of or reused, K-State’s new Media Sanitization and Disposal Policy is now in effect and has been published in the university’s PPM.

Media sanitization” is a process by which all data are permanently removed from storage media in a manner that prevents their recovery. This applies to anything that can store data — computer hard drives, CDs and DVDs, backup tapes, USB flash drives, and even paper. We can employ the most strict security controls to protect data while in our possession, but it is all for not if the data remain on a computer hard drive when that system is disposed of, recycled, or reused.

Continue reading “New IT security policy requires removal of data before disposing of media”

System Development and Maintenance Security Policy now in effect

Posted on by Harvard Townsend (harv@ksu.edu)

K-State’s new System Development and Maintenance Security Policy helps ensure that security is considered at all stages of an information systems’ life cycle. Too often, security is an afterthought when a new application is implemented, or a change to an existing system introduces a new security vulnerability and thereby places university data at risk.

This policy targets anyone involved in the acquisition, implementation, or maintenance of an enterprise information system or “systems that require special attention to security due to the risk of harm resulting from loss, misuse, or unauthorized access to or modification of the information therein.” An example of the latter would be a departmental or college system that contains confidential student or personnel data.

The policy addresses the following areas: Continue reading “System Development and Maintenance Security Policy now in effect”

National cybersecurity initiative under way

Posted on by Rebecca Gould

Friday, May 29, Cybersecurity Chief Melissa Hathaway at the National Security Council blogged about the federal approach to securing the nation’s digital future. The culmination of 40+ meetings and reviews of more than 100 papers is the Cyberspace Policy Review, which outlines the nation’s plan to create a reliable, secure infrastructure.

Get the full scoop at Hathaway’s whitehouse.gov/CyberReview blog site — don’t miss the video — and/or read the summary document (PDF, 76 pages).

Continue reading “National cybersecurity initiative under way”

IT Security Roundtable Jan. 16: New IT security policies

Posted on by Harvard Townsend (harv@ksu.edu)

New and upcoming IT security policies at K-State will be the topic of SIRT’s next IT security roundtable discussion this Friday, Jan. 16, 9:00-10:30 a.m. in Union 213IRMC has been developing IT security policies and has passed several in recent months that affect everyone at K-State. Furthermore, the State of Kansas Legislative Division of Post Audit recently performed a follow-up review of a 2005 security audit with numerous policy recommendations that IRMC will address this spring.

Come to this roundtable to hear about new policies in the following areas that are in the final stages of the approval process, some currently under review, and others that will be proposed this spring: Continue reading “IT Security Roundtable Jan. 16: New IT security policies”