Skip to end of metadata
Go to start of metadata

1.0 Overview

Users must ensure that their computer related habits and procedures are performed in a manner that minimizes risks to the security, confidentiality and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration destruction or other compromise of such information.

2.0 Purpose

This policy is designed to lay out the framework that governs user accounts and training, to ensure that users are acting in a manner that maximizes security.

3.0 Scope

This policy applies to any individual who has a device attached to Clarkson’s computer network and who deals with University owned computer data.

4.0 Policy

Steps must be taken to ensure that user accounts are not used without their owner’s consent and that accounts are not active for any longer than they are required.  The standards governing these areas are found in the Password Policy and the Account Deactivation Policy, respectively.  The creation of usernames is governed by the Naming Convention Policy.

Additionally, it is important that users, especially those users who have access to sensitive data, are aware of security concerns and computing best-practices.  The User Training Policy presents requirements to address this issue.

All requirements given in the above mentioned policies shall be followed at all times.

5.0 Enforcement

6.0 Definitions