Information technology services security is vital for securing data, maintaining guidelines, ensuring compliance, preventing cyber attacks and building trust.
Security Notices
Malware - “Cryptolocker Ransomware”
Prevention: Do not open email attachments from senders you do not know or attachment you do not understand as to why they were sent to you. If you own personal devices make sure the anti-virus software is up to date.
A particularly nasty phishing scheme is making it way around the US and the world and hooking unsuspecting users and downloading and executing malware on your computer that restricts access to your computer files and gives you 72 hours (typically) to pay a ransom to get access back to your computer files, etc.
The IT dept. is doing everything it can to keep it from getting to your inbox and your computer, but you are the last line of defense. Remember security is everyone’s business.
If you are infected and you receive a notice on your computer that says your personal files are encrypted, shut down your computer and disconnect it from the network immediately and call the IT Helpdesk (ext. 4357).
Security Guidelines
- Privacy of Student, Faculty, Staff, and Alumni Nonpublic Information- Standards for Safeguarding Customer Information (The Gramm-Leach-Bliley Act) - A guide for College Employees
- The Higher Education Opportunity Act (HEOA) Compliance Plan for Combating Unauthorized Distribution of Copyrighted Materials - The Higher Education Opportunity Act (HEOA) was signed into law on Aug. 14, 2008. Final regulations were issued on Oct. 29, 2009. Enforcement of the HEOA provisions began July 1, 2010, and all colleges and universities are required to make a good-faith effort at compliance.
College-Wide Sensitive Data Incident Response Plan
The purpose of the College-Wide Sensitive Data Incident Response Plan (“The Plan”) is to provide a well-defined, organized approach for handling any potential unauthorized access/breach of sensitive data here at College of DuPage (COD). The Plan identifies and describes the roles and responsibilities of the Incident Response Team. The Plan also contains instruction on how the team is to prepare and how The Plan is to be maintained. Also included in The Plan is the contact information for every team member and other important personnel here at the college. The College-Wide Sensitive Data Incident Response Team, under the coordination of the Chief Security Officer, IT, is responsible for putting the plan into action. Copies of the College-Wide Sensitive Data Incident Response Plan are CONFIDENTIAL. Copies can be obtained by college staff, with the need to know, by contacting Ira Rezania, rezaniae@cod.edu, (630) 942-3055.
References
For more information about College Guidelines, Federal Regulations, and Industry Standards that the college and college staff must conform to, refer to the following references. The college must comply with these guidelines, regulations, and standards, or face liabilities including but not limited to fines, and lost service capability. The IT Security Management function is responsible for making sure compliance is met which includes technical compliance, and staff training, awareness, and compliance demonstration.
FERPA (Family Educational Rights and Protection Act)
Requires protection of education records. Learn More
PCI DSS (Payment Card Industry Data Security Standard)
Requires the protection for all credit card information and transactions. Learn More
GLBA (Gramm-Leach-Bliley Act)
Requires protection of financial information
FTC - Summary and Act
HIPAA (Health Insurance Portability and Accountability Act)
Requires the protection of individually identifiable health information. Learn More
CALEA (Communications Assistance for Law Enforcement Act)
Requires electronic communication providers to provide easy access for law enforcement agencies to electronic communications for the purpose of electronic surveillance. Learn More
HEOA (Higher Education Opportunity Act)
Among other things outside IT requires the monitoring and stopping of illegal P2P file sharing. Learn More
Contact Information
Faculty/Staff Helpdesk
(630) 942-4357
Email: helpdesk@cod.edu
Student Helpdesk
(630) 942-2999
Email: studenthelp@dupage.edu
Hours of Operation