Why Secure Computing Is Your Responsibility
While your department may have staff who provide computer setup and assistance, ultimately you are responsible for taking care of your computer and guarding the information it holds. Following security guidelines and good business practices is part of doing your job. The vast majority of computer breaches that we have investigated over the past few years have been the result of poor personal choices, weak computer practices, and less-than-satisfactory data-handling procedures. It is the responsibility of everyone who uses a computer at work to protect NYMC data. The data on your computer is college property that has been placed in your care.
Much of the data we work with is sensitive, such as Social Security numbers, payroll information, grades, and more. However, all college data needs to be protected.
Consequences of Not Practicing Secure Computing
Keeping your computer secure takes vastly less time than recovering from a security problem. If your computer is compromised, you will likely lose access to it for at least a few hours, possibly days. You may also lose any work you did since your computer was last backed up. If the security problem put sensitive data at risk, or if your computer is lost or stolen, the effects can be far-reaching:
Recovering from a computer compromise or loss of sensitive data, large or small, can take people many hours and, as a result, is an expensive activity.
Consequences of Mishandling Sensitive Data
Mishandling sensitive data can lead to NYMC suffering financial loss or loss of reputation. The possible loss of certain types of data requires NYMC to report the event to government agencies and inform possible affected individuals.
If there is even a possibility of data loss, responding can easily consume hundreds of hours and is, as a result, an expensive activity. It can also involve many people from both within your department and elsewhere around campus and, consequently, can significantly disrupt college business. Many universities, even NYMC, have experienced the repercussions of losing sensitive data, including:
What Happens When NYMC Data May have Been Exposed to an Intruder or Malicious Software
If an intruder has gained access to a computer used at NYMC that contains sensitive data, the IT Security Office will lead an investigation of the incident.