This message was distributed to the Rice community on September 17, 2019.
Colleagues,
Recent headlines continue to show increased attacks designed to gain access to our accounts and internal resources, including the private information of members of our community.
As a reminder, University Policy 808, the Protection of University Data and Information, requires that all members of the community take appropriate precautions to protect the privacy of information entrusted to our care.
University Policy 808, Protection of University Data and Information
https://policy.rice.edu/808
We can reduce Rice’s risk of exposure by following a few simple guidelines:
- Only collect information needed to support the University. Keep the information only as long as necessary and then purge the information safely.
- Only grant access to private information to those with a need to know. Remove access when no longer needed.
- Develop and publish information handling procedures for your department. Train staff on these procedures. Review and update these procedures regularly. Provide refresher training annually.
- Use technology-based solutions to help protect information:
- Password protect devices storing private information.
- Use encryption on all devices, especially laptops, tablets, and phones.
- Only use Rice-approved cloud services like Rice’s Box.com and Google Drive to share files instead of sending them via email.
- For help with these solutions, contact the OIT Helpdesk by calling 713-348-4357 (HELP) or by emailing helpdesk@rice.edu.
More information about how to safely use information technology resources can be found here:
Guidelines for the Use of Information Technology
https://vpit.rice.edu/guidelines-use-information-technology
Other general information on this topic is available on the Information Security Office Home page
https://vpit.rice.edu/information-security
Protecting the privacy and security of institutional data is your responsibility, and a responsibility we all share as members of this community.
If you think that data has been or may have been compromised (e.g. a hacking attack, or an unencrypted lost laptop), you must notify the Information Security Office immediately by calling 713-348-6754 or by emailing itso-l@rice.edu.
Thank you for your help.
Marc Scarborough
Chief Information Security Officer