Information security program
In addition to providing a channel for ongoing communication regarding information security at the college through this blog, this website is also the repository for some of the documents which are part of the official information security program.
Today a new link is posted on the top menu which allows users to see the current information security standards. Along with college policies and procedures, these standards address how the college ensures secure interactions will take place within specific aspects of the college’s technical working environment.
The college’s information security standards are categorized as either:
- TECHNICAL, which usually is only of interest to those IT support personnel on campus providing technical support in the specific areas addressed in the standard, or
- GENERAL, which is of interest to all users on campus. These standards provide guidelines regarding how the security of information must be maintained by all technology users and how campus technology may be accessed and used.
All information security standards will be numbered (generally in accordance with the domains established under ISO/IEC standard 27002, if you are interested in the tedious details). General standards will have just a number and those that are technical in nature will be appended with a letter “T.”
As of this posting, there are no standards listed on the page yet. All information security processes on campus are undergoing revision during the next few months and approved updated versions of the standards will be posted as they are approved.
(Though they are out of date and reflect many expectations and processes that are no longer in effect, the old security standards may be accessed at: http://commons.bellevuecollege.edu/itsecurity/old-standards/)