Information Security Guidelines
Information is a critical asset of Bryant University and protecting information assets and their related processing systems is the primary goal of Bryant University’s Information Security Program. All information created or used in support of Bryant University business is considered university information. University information will be protected from accidental, malicious or unauthorized disclosure, misuse, modification, destruction, loss and/or damage.
- Acceptable Use
- Change Control
- Cyber Risk Awareness
- Cyber Security Scanning Tools
- Data Classification
- Data Encryption
- Digital Identity Lifecycle Management
- Digital Millennium Copyright Act (DMCA)
- Digital Privacy
- Electronic Mail (Email)
- Email Retention and Disposition Schedule
- Gramm-Leach-Bliley Act
- Higher Education Opportunity Act and P2P File Sharing
- IT Cloud Adoption Strategy
- IT Incident Response Protocol
- IT Disaster Recovery
- Litigation Hold
- Mobile Phone Guidelines
- Password Protection
- Payment Card Industry (PCI) Compliance
- Red Flags Rule
- Remote Access (Traveling Abroad)
- Social Media Guidelines and Best Practices
- Storage Guidelines
- Technology: on Premise Facilities
- Travel Guidelines
Service Provider Forms
Applications and services contracted for by the University and hosted externally by service providers bring special security challenges. The following information is provided to ensure compliance with all applicable state and federal laws and regulations, University policies, and to assist the Bryant community in sharing information properly with third parties. Vendors that are receiving and/or storing sensitive information must be properly vetted to ensure they meet or exceed the University’s standards for the protection of sensitive information.
Information Technology Guidelines & Controls
It is the responsibility of each Information Services department to develop and document operational practices (processes and procedures) in order to implement the goals of the University's adopted security standards.
To ensure practices and guidelines remain current, they undergo regular review. Suggestions, questions and concerns are welcome, and should be addressed to firstname.lastname@example.org.