Data Security Policy

Purpose

To provide ÈÕº«Èý¼¶ with guidance in developing and implementing the appropriate protective safeguards to ensure the confidentiality, integrity, and availability of ÈÕº«Èý¼¶ assets and information.

Policy

ÈÕº«Èý¼¶â€™s information, data, and records are managed in a manner consistent with ÈÕº«Èý¼¶â€™s risk strategy to protect the confidentiality, integrity, and availability of the assets. Data security controls are submitted to ÈÕº«Èý¼¶ senior leadership for review and approval, and include a cost-benefit analysis to inform the executive staff in their risk strategy decisions.

Summary

  • Data security controls are submitted to ÈÕº«Èý¼¶ senior leadership for review and approval
  • Data security controls will include a cost-benefit analysis to inform the executive staff in their risk strategy decisions
  • ÈÕº«Èý¼¶ employs cryptographic controls in accordance with applicable Federal and State laws, regulations and standards
  • ÈÕº«Èý¼¶ system that requires protection includes but is not limited to configuration settings, intrusion detection and prevention, various logs and password databases
  • ÈÕº«Èý¼¶ protects the confidentiality and integrity of sensitive data by using cryptographic mechanisms
  • ÈÕº«Èý¼¶ applies full disk encryption to all ÈÕº«Èý¼¶-owned laptops, mobile devices and desktop workstations
  • Backups are encrypted (at rest)
  • ÈÕº«Èý¼¶ recommends that students enable full disk encryption on their personal devices
  • All transportable media is also encrypted
  • Papers containing confidential information must not be left out in public view and must be properly destroyed when no longer needed
  • ÈÕº«Èý¼¶ hardware and software assets are documented, tracked, and managed through inventory management
  • Faculty and staff status is tracked and managed by Human Resources and the Dean of the College
  • Student documentation is managed by Admissions, Registrar’s Office, the Dean of Students and the Advancement Office depending upon student status
  • Prior to disposal, sanitization techniques are applied to media
  • ÈÕº«Èý¼¶ ensures that there is adequate capacity to provide availability of its systems
  • ÈÕº«Èý¼¶ employs reasonable and appropriate methods for data loss prevention

Data Security Policy Details [pdf]

 

Contact Us

Mailing Address

333 N. College Way
Claremont, CA 91711

Get in touch

Connect

Give back to
Pomona

Support Pomona

Part of