5.23 Security and Privacy of Information Resources
MnSCU Board Policy 5.23: Security and Privacy of Information Resources
MnSCU Guideline 5.23.1.1: Password Usage and Handling
MnSCU Guideline 5.23.1.2: Encryption for Mobile Computing and Storage Devices
MnSCU Guideline 5.23.1.3: Data Sanitization
MnSCU Guideline 5.23.1.4: Information Security Incident Response
MnSCU Guideline 5.23.1.5: Security Patch Management
MnSCU Guideline 5.23.1.6: Vulnerability Scanning
MnSCU Guideline 5.23.1.8: Anti-malware Installation and Management
MnSCU Guideline 5.23.1.10: Payment Card Industry - Technical Requirements
Purpose: To protect the security and privacy of its information resources and to make information accessible as required by law in accordance with MnSCU Board Policy 5.23.
Part 1: Purpose
Subpart A: Security and Privacy. The purpose of this policy is to protect the security and privacy of College data and resources while providing fair and distributed access to computing and network facilities for the entire community of users.
Subpart B: Establishing Procedures. The College will establish procedures as needed to address the MnSCU Guidelines for Board Policy 5.23.
Part 2: Scope
Subpart A: Procedures. Procedures associated with this policy include, but are not limited to: security and privacy, consistency with Minnesota Statutes section 43A.38 and other applicable law; monitoring; unauthorized uses and other limitations on use.
Subpart B: Applicability. This policy applies to all users of system/technology information resources; and to all system/technology information resources in any form or storage media, wherever located.
Policy History:
Date of Adoption: Established prior to 2011
Date of Implementation:
Date and Subject of Revisions:
Next Review Date: 2016-17