Users must ensure that their computer related habits and procedures are performed in a manner that minimizes risks to the security, confidentiality and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration destruction or other compromise of such information.
This policy is designed to lay out the framework that governs user accounts and training, to ensure that users are acting in a manner that maximizes security.
This policy applies to any individual who has a device attached to Clarkson’s computer network and who deals with University owned computer data.
Steps must be taken to ensure that user accounts are not used without their owner’s consent and that accounts are not active for any longer than they are required. The standards governing these areas are found in the Password Policy and the Account Deactivation Policy, respectively. The creation of usernames is governed by the Naming Convention Policy.
Additionally, it is important that users, especially those users who have access to sensitive data, are aware of security concerns and computing best-practices. The User Training Policy presents requirements to address this issue.
All requirements given in the above mentioned policies shall be followed at all times.
Failure to follow this policy will result in the offender(s) being subject to disciplinary action up to and including a formal written letter of corrective action.
6.0 Revision History
Draft Policy – 19 April 2005 – jfiske
Draft Policy – 5 May 2005 – jfiske
Draft Policy – 10 February 2006 – jfiske
Approved Policy v1.0 – 4 November 2013 – jfiske