Clayton State University recognizes that information and their assets are critical to business functions. It is the responsibility of all users to ensure the safeguarding of business assets as our front line of defense. Information Security works with the Departments of Information Technology & Services in achieving its strategic vision as a partner to the campus community and educator in security awareness and training.
What is Information Security?
The term Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
The Department of Information Security supports the mission of Clayton State University by building a culture of security awareness and risk management to protect the privacy, confidentiality, integrity, and availability of student, faculty, and staff information in partnership with Data Governance:
- Confidentiality: Preventing the intentional or unintentional unauthorized disclosure of data.
- Integrity: ensuring no modifications to data by unauthorized personnel or processes and ensuring internal and external data are consistent and accurate.
- Availability: ensuring the reliable and timely access to data or computing resources by personnel.
What is Cybersecurity?
The cybersecurity landscape continues to change with threat actors becoming more aggressive in their attacks. IT Security is committed to securing the University’s information assets by creating a more educated and secure campus through institutional partnerships.
Cybersecurity is everyone's responsibility.
Learn to identify common techniques
Phishing is a malicious practice used to trick unsuspecting individuals into sharing personal information by using fraudulent emails and claiming to be from reputable companies.
Ways to spot a Phish:
- Phishing emails may contain improper grammar or spelling.
- Look for interesting, emotional pleas asking you to take any action, such as clicking a link.
- Be aware phishing emails disguise themselves as popular sites such as in banking or
- (Example: www.banofamerika.com)
- An email requesting sensitive information—never give personally identifiable information.
Caught a PHISH??? Send it to the PHISHTANK!!! ~ email@example.com
- Highlight the suspected phish (single left click).
- Click on print, then select PDF.
- Select Print.
- Save PDF in the desired location.
- Send phish PDF as an attachment to firstname.lastname@example.org.
Remember, Lakers! Cybersecurity is a team endeavor.
- Cybersecurity starts with YOU and is everyone’s responsibility.
- Ask for Help - Contact the HUB—(678) 466-4357.
- Contact Information Security—email@example.com
For more information go to Phish Tank webpage.
Identity management is an important aspect of information technology security. Employee
logins are requested by Human Resources at the time of hire and are terminated when
Human Resources notifies ITS the person is no longer employed. Accounts will not be
created without Human Resources requesting them.
All users, whether internal, external, or temporary, and their activity on all IT systems should have User Ids that:
- are uniquely identifiable
- are enabled through appropriate authentication mechanisms.
- are assigned access rights to all systems and data in line with defined and documented business needs and job requirements.
- are only requested by user management, approved by system owners, and implemented by the appropriate local security administrator.
For more information go to Identity Management webpage.
All users of information technology owned or managed by CLSU must immediately report suspected information security incidents (including but not limited to virus infections and computers exhibiting behavior consistent with a compromised machine) to the HUB:
• Events, incidents, and potential breaches (i.e., lost/stolen laptop or external
thumb drive) to the HUB at (678) 466-4357 or firstname.lastname@example.org.
• In events, incidents, and potential/confirmed breaches involving Clayton State University data stored, accessed, managed, or otherwise used by a vendor, the CIO/ Information Security (IS) will involve Legal Counsel, Chief Data Officer, and Procurement Services to provide guidance and to determine if there is also a breach of contract that needs to be pursued. Incidents involving vendors, Information Security and/or the vendor will notify USG Cybersecurity through the Enterprise Service Desk email@example.com at 706-583-2001, or 1-888-875-3697 (Toll free within Georgia).
• Events, incidents, and potential breaches reported to Clayton State personnel by vendors must report the incident to USG Cybersecurity through the Enterprise Service Desk firstname.lastname@example.org at 706-583-2001, or 1-888-875-3697 (Toll free within Georgia) and the HUB at (678) 466-4357 or email@example.com.
Alerts & News
CSU INFORMATION SECURITY - IMPORTANT UPDATE