New policy and procedure prioritize data protection
Information security is important to all of us
New Information Security policy, procedure and standards have been developed to better protect the information used and shared by the university community, both within and outside the university. They were approved by the UM Board of Governors on February 3, 2020.
“Systems used to process, store, retrieve and transmit information play a vital role in the conduct and success of the UM’s teaching, learning, research, outreach and business processes,” says Patrick McCarthy, director of IST Information Security and Compliance.
“The Information Security Policy will also enable us to reduce the impact of the cyber threats all organizations and educational institutions are facing,” he adds.
The policy, procedure and standards apply to everyone in the university because, as McCarthy notes, we all have a responsibility to keep our data safe and protected.
The purpose of the Information Security Policy is to:
- ensure the protection of the all information and information systems;
- mitigate risks associated with theft, loss, misuse, damage or abuse of information systems;
- ensure staff, students, faculty and researchers are aware of and comply with provincial and federal legislation;
- minimize the university’s exposure to cyber attacks;
- ensure that information users understand their responsibilities; and
- protect the university from liability.
Developed by the Information Security and Compliance team, the draft policy and procedure were reviewed by units including human resources, the office of legal counsel, audit services, access and privacy and the unions across the university prior to ratification.
What do I need to do?
Some standards like the Password Standard apply to everyone, while others like the Workstation Patch Management Standard apply to anyone responsible for managing, updating or maintaining computer systems.
Where do I get more information?
If you have any questions, concerns or would like more information about your responsibilities, email the Information Security and Compliance team directly at infosec [at] umanitoba [dot] ca.
Thank you for your continued help in ensuring the confidentiality, integrity and availability of the university’s data.
Remember: Information Security Starts with You!