Information Security Office
Welcome to the Information Security Office
We all have a shared responsibility to protect the confidentiality, integrity and availability of Cal Poly information assets. Our website is intended to provide you with the tools and information to protect yourself, your computer, and help prevent the unauthorized access to or use of University information.
Data Privacy Week (January 22-28, 2023)
Data Privacy Week is an annual campaign to spread awareness about data privacy and educate individuals on how to secure their personal information.
All your online activity generates a trail of data. Websites, apps, and services collect data on your behaviors, interests, and purchases. Sometimes, this includes personal data, like your Social Security and driver's license numbers. It can even include data about your physical self, like health data – think about how a smartwatch counts and records how many steps you take.
While it's true you cannot control how each byte of data about you and your family is shared and processed, you are not helpless! In many cases, you can control how you share your data with a few simple steps. Remember, your data is precious, and you deserve to be selective about who you share it with!
Here are some simple, easy tips that will help you manage your data privacy:
1. KNOW THE TRADEOFF BETWEEN PRIVACY AND CONVENIENCE
Nowadays, when you download a new app, open a new online account, or join a new social media platform, you will often be asked for access to your personal information before you can even use it! This data might include your geographic location, contacts, and photos.
For these businesses, this personal information about you is of tremendous value – and you should think about if the service you get in return is worth the data you must hand over, even if the service is free.
Make informed decisions about sharing your data with businesses or services:
- Is the service, app, or game worth the amount or type of personal data they want in return?
- Can you control your data privacy and still use the service?
- Is the data requested even relevant for the app or service (that is, "why does a Solitaire game need to know all my contacts")?
- If you haven't used an app, service, or account in several months, is it worth keeping around knowing that it might be collecting and sharing your data?
2. ADJUST SETTINGS TO YOUR COMFORT LEVEL
For every app, account, or device, check the privacy and security settings. These should be easy to find in the Settings section and should take a few moments to change. Set them to your comfort level for personal information sharing; generally, we think it's wise to lean on the side of sharing less data, not more.
You don't have to do this for every account at once, start small and over time you'll make a habit of adjusting all your settings to your comfort. The National Cybersecurity Alliance has in-depth, free resources like the Manage Your Privacy Settings page that lets you check the settings of social media accounts, retail stores, apps and more.
3. PROTECT YOUR DATA
Data privacy and data security go hand-in-hand. Along with managing your data privacy settings, follow some simple cybersecurity tips to keep it safe. We recommend following the Core 4:
- Create long (at least 12 characters), unique passwords for each account and device. Use a password manager to store each password – maintaining dozens of passwords securely is now easier than ever.
- Turn on multifactor authentication (MFA) wherever it is permitted – this keeps your data safe even if your password is compromised.
- Turn on automatic device, software, and browser updates, or make sure you install updates as soon as they are available.
- Learn how to identify phishing messages, which can be sent as emails, texts, or direct messages.
- Spirion Software - Preventing a data breach starts with knowing where your sensitive information exists. Spirion can help you locate confidential data you may not be aware of and assist you with proper security or disposal.
- Cal Poly Information Security Awareness Training - Cal Poly information security is a shared responsibility to protect resources.
- Information Security Standards - Minimum requirements to implement the Information Security Program. Vulnerability Assessment and Management is the latest publication.
- Information Security Program (PDF) - Applies to the security of all University information and to all Cal Poly students, employees, consultants, contractors, or any person having access to University information in any form.
- Responsible Use Policy - The principal concern of this policy is the effective and efficient use of information technology resources. All users must abide by this policy.
- HEOA P2P/Copyright Compliance - Campus plans for complying with peer-to-peer file sharing requirements under the Higher Education Opportunity Act of 2008
- Cyber Security Awareness - Visit Skillsoft for the latest Ninjio episode and our Information Security Forum page for the next event's details.