|
|
While your department may have staff who provide computer setup and assistance, ultimately you are responsible for taking care of your computer and guarding the information it holds. Following security guidelines and good business practices is part of your job duties. The vast majority of computer breaches that we have investigated over the past few years have been the result of weak computer practices, less-than-satisfactory data-handling procedures, or poor personal choices. It is the responsibility of everyone who uses a computer at work to protect NYMC data. The data on your computer is college property that has been placed in your care. Much of the data we work with is sensitive, such as Social Security numbers, payroll information, grades, and more. However, all college data needs to be protected.
Keeping your computer secure takes vastly less time than recovering from a security problem. If your computer is compromised, you will likely lose access to it for at least a few hours, possibly days. You may also lose any work you did since your computer was last backed up. If the security problem put sensitive data at risk, or if your computer is lost or stolen, the effects can be far-reaching:
Recovering from a computer compromise or loss of sensitive data, large or small, can take people many hours and, as a result, is an expensive activity.
Mishandling sensitive data can lead to NYMC suffering financial loss or loss of reputation. The possible loss of certain types of data requires NYMC to report the event to government agencies and inform possible affected individuals.
If there is even a possibility of data loss, responding can easily consume hundreds of hours and is, as a result, an expensive activity. It can also involve many people from both within your department and elsewhere around campus and, consequently, can significantly disrupt college business. Many universities, even NYMC, have experienced the repercussions of losing sensitive data, including:
If an intruder has gained access to a computer used at NYMC that contains sensitive data, the IT Security Office will lead an investigation of the incident.