Technology changes on a daily basis. It allows students, faculty and staff to leverage innovations that help us all work faster, smarter and achieve more. Yet with the increase in technology comes the threat to valuable information. In an effort to protect the information of students, employees, alumni and friends, Becker College is working hard to employ the appropriate policies, change business process where needed and comply with state and federal laws surrounding data security.
Protecting data at Becker will be addressed in five major phases. They include:
- Identifying Sensitive Information. Not all data are equal; to help with the process of identifying what information is considered confidential, Becker created a Becker Data Classification and Usage Policy which breaks out data into four major categories.
- Providing Rules for Data Usage. Understanding how to access and store highly confidential information vs. unrestricted information is also critical to keeping information safe. To assist with this process, rules on how to store and use data properly are also detailed in Becker’s Data Classification Policy.
- Reviewing Data Collection Practices. On a routine basis, many employees receive sensitive data in both electronic and paper form. As part of Becker’s ongoing efforts to comply with new state regulations, we continue to work with various areas on Data Privacy Audits to ensure that the institution is handling all sensitive information properly.
- Retention and Destruction. Confidential data becomes more vulnerable to mishandling the longer it sits around. Data retention policies are useful documents that deal with complex issues of maintaining information for a pre-determined length of time. In the coming months, Becker will be creating a formal retention and destruction plan with details on how long information should be kept and the proper methods for destroying sensitive information.
- Awareness and Training. In the next few months, the College will be deploying an on-line compliance and training tool called MOAT, which will include Information Security Training. In addition, the Office of Information Technology will also send out routine newsletters sharing information on new policies, best practices and other helpful information that will keep institutional information secure. Please visit the Awareness and Training section of this web site for historical archives, best practices and FAQs relating to the various information security tools available to the community.