Information Technology Security
Information Security Policies and Standards
The CSU is enhancing its information security program by developing a set of system-wide information security policies and supports standards. The CSU contracted with a consulting firm to assist in the development of a system-wide responsible use policy, information security policy and supporting standards.
The policies and standards are intended to provide direction and support to campuses in their efforts to protect CSU information assets and provide privacy protection to individuals in accordance with applicable laws and regulations and university requirements. The policies and standards help promote and encourage appropriate use of information assets. Campuses may supplement, but not supersede, the system-wide policies and standards by developing additional campus policies and standards.
Information Securty Resource Links:
"The Department of Homeland Security's United States Computer Emergency Readiness Team (US-CERT) leads efforts to improve the Nation's cybersecurity posture, coordinate cyber information sharing, and proactively manage cyber risks to the Nation while protecting the constitutional rights of Americans. US-CERT strives to be a trusted global leader in cybersecurity—collaborative, agile, and responsive in a dynamic and complex environment."
"The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the Li0n worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."
"The California Information Security Office is the primary state government authority in ensuring the confidentiality, integrity, and availability of state systems and applications, and ensuring the protection of state information."
"The Information Security Program Guide was originally developed by a workgroup of state agency Information Security Officers (ISO) in March 2006 as a guide to assist agencies in developing an information security program or enhancing their existing program. It was formally adopted by the State Chief Information Officer's Information Technology (IT) Council in April 2007."
-Office of Information Security and Privacy Protection Information Security Program Guide for State Agencies April 2008 (Version 3)