HSU's information security infrastructure comprises the tools and equipment the campus employs to protect University-owned computers and networks. This infrastructure is designed to be as unobtrusive as possible while still maintaining a high degree of protection against malware, hackers, and data breaches:
- Campus border firewall. A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, software, or a combination of both.
- Encryption. Encryption converts data into a secure form that can be safely moved around and helps HSU meet its obligations under various data protection laws and policies. One of the most effective ways to protect personally identifiable or other confidential information stored on a computer is to encrypt it.
- Network Access Control (NAC). Designed to proactively prevent malware or hackers from gaining access to the network. At HSU, this is tackled at two levels: the network perimeter, where the HSU networks meet the Internet, and the individual system level.
- Password management. Every student, staff, and faculty member is provided with a unique HSU User Name when they officially enter the university population. Each individual must also create (and periodically change) their own secure password, which is used in combination with their User Name to permit access to the relevant systems based on their university role.
- Protected Information Discovery Tools. Personally Identifiable Information (PII) is an umbrella term for information linked to an individual's identity, such as Social Security Numbers, drivers' license data, and credit card or bank account information and which can be used to facilitate identity theft. PII Discovery Software is used to scan University-owned computers to assist in identifying such data so the appropriate action can be taken to secure it.
- Secure wireless. eduroam is the secure wireless network used at HSU; it provides all the benefits of the regular wireless service - anytime, anywhere access to the Internet - with additional security. Staff, faculty, and graduate students can access more of the wired network, including departmental file shares and wired printers, enabling them to work productively anywhere on campus using personal or University-owned devices.
- Virtual Private Network (VPN). A secure communication channel that enables staff and faculty to access their office computers from off campus via a secure web interface.
- Virus protection tools. Microsoft protection is installed and kept updated on all HSU-owned computers automatically; any personally owned computer connecting to the HSU wired or wireless networks must be protected by one of the HSU-recommended antivirus programs.
- Vulnerability Scanning. Vulnerability scans provide critical information to the Information Security Office and management as part of the risk assessment process for campus systems.
- Third Party - Contract Language, Guidelines, Policies & More. CSU policies provides for direction and support for managing third party relationship and for granting access to various HSU resources and third party contract language.
- Mobile Device Security. Do's and don'ts to keep your mobile devices and the data stored on them secure against hacking and other security issues.
- Online Cloud Storage and Email.Frequently Asked Questions and Answers relating to storing data in the cloud shares and sending email and attachments securely.
- Information Security Training. HSU provides Information Security Awareness online and on-campus training materials designed to provide staff and faculty with the knowledge they need to secure information resources.
- Secure Disposal of Paper / Shredding and Electronic Media. Any data storage medium - paper, computer, scanner, copier, hard drive, tablet, smartphone - should be treated as if it contained protected data and must be securely wiped prior to transfer or disposal.
Guidelines and Procedures
- Compromised Computers and Incident Reporting Procedures for Students and Employees. There are many security threats of which to be aware and protect against in order to ensure sensitive information remains secure. These threats are not just caused by sophisticated hackers; they're also caused by a lack of attention or care by people entrusted with sensitive information. Potentially-compromised system incidents must always be referred to the Campus Information Security Officer at (707) 826-3815 or the University Police Department at (707) 826-5555.
- Compromised Host Response IT Staff Procedure. Procedures for a networked computer that is suspected of being compromised by a virus or other malware attack.
- Multifunction Copier Devices. Site preparation, network security settings, scan to folder
- Secure Media Transfer and Disposal Procedures. Procedures to prevent the inadvertent release of confidential, protected, or personally-identifiable information contained on electronic storage devices when physical possession or stewardship changes.
Security for IT Support Staff
For ease of use, this page brings together a number of security-related resources.