Anyone not in compliance with an Information Security Standard is subject to sanctions including suspension of computer and network privileges and/or the full range of current Institute personnel and student disciplinary processes.
In a small number of circumstances, it may not be possible to comply with an Information Security Standard. The Information Security Office has provided the following method for obtaining an exception to compliance with a published information security standard. Exceptions should be approved and signed by the appropriate Information Trustee (VP, Dean, or CIO). (An email endorsing the exception request is acceptable.)
Plain English Guide to the Information Security Policy
RIT has issued an Information Security Policy. The Policy provides the strategic direction needed to implement appropriate information safeguards for RIT information and the Institute network. This Plain English Guide provides explanation and illustration of the Policy and is provided as an aid to help you understand and implement the requirements of the Policy. The Policy itself is authoritative. The policy is effective immediately.
Why did RIT issue the policy?
The Policy authorizes RIT to take reasonable measures to protect RIT information and computing assets in an age... ...
Use a shredder. Crosscut is preferred over a strip shredder.
Disposal of paper records containing Private or Confidential information should be accomplished by crosscut (or better) shredding, placement in a locked document destruction bin, or through vendor-supplied services under a contract approved by Purchasing.
CD, DVD, diskette, etc.
Use the media shredder (located at the ITS HelpDesk, 7B-1113).