October is Cyber Security Awareness Month around the world, and ITServices is taking the opportunity to inform the Queen’s community about a new policy framework designed to safeguard the university’s information technology resources and sensitive information in its care.

“Cyber security is everyone’s responsibility,” says Bo Wandschneider, Chief Information Office and Associate Vice-Principal (Information Technology Services). “We need to be aware of the threats Queen’s faces and what we must do to identify and prevent them.”

The Electronic Information Security Policy Framework is a suite of policies that provides a consistent approach to dealing with risks to electronic information. Queen’s Senate approved the framework in May after ITServices spent several years consulting with the Queen’s community and drafting the policies.

According to Mr. Wandschneider, the changing cyber security landscape required an overarching framework.

“Years ago, universities only had to worry about protecting student and employee records. Now, post-secondary education institutions, like government and corporations, face a greater number of diverse threats from skilled hackers targeting data repositories for identity theft and other financial gains,” he says.

ITServices is launching an education campaign this month around the security framework. Furthermore, the organization is developing procedures that inform people how they can uphold their responsibilities under the policies.

ITServices is also encouraging all staff, faculty and students to take the online information security awareness training course. It offers general, practical information about security practices.

“We believe these policies paint the electronic security vision we should be striving for in the coming months,” says Mr. Wandschneider. “Compliance will take some time, but we are confident staff, faculty and students will take action once they are aware of their responsibilities and the resources available to them.”

This article is the first in a series of stories on cyber security at Queen’s that will run over the next several weeks. Next week’s story will focus on what staff, faculty and students should and shouldn’t do when using the university’s information technology resources.