Security Policies

TAMU Policies

TAMU IT Security Website: http://security.tamu.edu

Texas A&M Information Security Controls Catalog: http://cio.tamu.edu/Risk_Management_Policy/IT_Policy/Information_Security_Controls_Catalog.php

Texas A&M AgriLife IT Security Policies:  http://ait-security.tamu.edu/

Each user should have a unique user account that they use across computers (TAMU NetID).  This is handled automatically for any domain joined computer but those with local accounts and Apple computers must set this up manually.

When leaving a computer unattended please be sure to lock the computer and close the office/lab door, you will be responsible for any actions done by your or others while your account is logged in.  Systems can be locked by:

  • WINDOWS: Pressing the Windows key + L simultaneously
  • MAC: Pressing Ctrl + Shift+ Power simultaneously

TAMU AnyConnect Start Before Logon: https://tamu.service-now.com/tamu-selfservice/knowledge_detail.do?
sysparm_document_key=kb_knowledge,665ac6306fb84a00b522db3bbb3ee4a0

Principle of Least Privilege

TAMU is moving to the principle of least privilege with regards to security and we will be introducing this through Viewfinity.

  • All computers will NOT come with Administrator access which significantly reduces our attack surface
  • Will allow us to have fine grained control over what is allowed to run at elevated permissions
  • On-demand elevation allows you to request any application be elevated by stating a justification
  • Application control prevents known malicious applications from entering the environment

Viewfinity Agents

Additional Security Software which must be installed on all internet connected devices

  • Identity Finder – For discovering Personal and Confidential Information (provided by TAMU).  Set to scan in July.
  • SOPHOS – Antivirus/Malware/DLP (provided by AgriLife)
    • Updates definitions every 45 mins
    • Runs scans every Tuesday, Thursday, Saturday and Sunday at 3:00AM

Confidential Information Awareness

Storage/transfer of confidential information can only be facilitated through approved systems and methods to limit the likelihood of unauthorized disclosure or public release.

– Laserfiche is the approved repository for confidential information

– Filex is the approved system for transferring confidential information

Handling confidential information, outside these systems, requires a method compliant with Rules and Procedures.  If a business need exists, please contact the AgriLife Information Security Officer, to discuss possible compliant methodologies.

Finally, be sure to review your systems annually to ensure stored data/files do not include confidential information.

Confidential Data – Data that is excluded from disclosure under requirements from federal or state law.  This can include but is not limited to: personal records, health records, financial records, address information, student education records, credit card, social security or drivers’ license numbers.

Security Incident Notification

Security incidents shall be promptly reported to immediate supervisors and the AgriLife ISO.  As warranted, the AgriLife ISO will report the condition to the Chief ISO for the TAMU System.  Security incidents include, but are not restricted to:

  • changes to system hardware, firmware, or data without the agency’s effective consent;
  • malicious code detection;
  • unauthorized use of computer accounts and computer systems;
  • theft of computer equipment or theft of information;
  • accidental or planned disruption or denial of service; or
  • complaints of improper use of information resources as outlined in the security monitoring procedures, the intrusion detection procedures, the internet/intranet procedures, and the acceptable use procedures.

Incidents involving AgriLife IT services, must be reported at http://agrilifesirs.tamu.edu/

Comments are closed.