Section 1300: Information Technology

Effective: April, 2023
Revised: 
Last Review:
Next Review: 
Responsible Party: Chief Information Officer

This policy establishes standards regarding the use and safeguarding of MSU-Northern Information resources and data. Its purpose is to:

  • Protect the privacy of individuals by preserving the confidentiality of Personally Identifiable Information (PII) entrusted to MSU-Northern;
  • Ensure compliance with applicable University and Board of Regents Policies, and State and Federal laws and regulations regarding management of risks to, and the security of, Information resources;
  • Establish accountability;
  • Educate individuals regarding their responsibilities associated with use and management of MSU-Northern Information resources.

 

Policy

Information resources residing at MSU-Northern are strategic and vital assets. Access to these resources shall be appropriately managed. It is the policy of MSU-Northern:

  • To protect Information resources based on risk against accidental or unauthorized access, disclosure, modification, or destruction, and to assure the availability, confidentiality, and integrity of these resources;
  • Apply appropriate physical and technical safeguards without creating unjustified obstacles to conducting business and achieving the mission of the University; and
  • Comply with applicable MSU-Northern, MSU Enterprise and MUS Board of Regents policies, and state and federal laws regarding information resources.

 

This Policy applies to:

  • All organizational units within MSU-Northern;
  • All information resources owned, leased, operated, or under the custodial care of any MSU-Northern organization or entity;
  • All information resources owned, leased, operated, or under the custodial care of third-parties operated on behalf of any MSU-Northern organization or facility;
  • All individuals accessing, using, holding, or managing University information resources.

 

Information Security Standards & Policies

Acceptable Use

Passwords

Data Stewardship

Security Incident Response

Cybersecurity Training & Testing

Technology Management

Network Management

Asset Management