Policy

The Information Security Policy: Doing Data Right

The McMaster University community has a lot of information to protect and the Information Security Policy helps us to do just that. This Policy provides concrete guidelines that will help everyone identify sensitive information, and configure the IT security controls that are required to protect it. This Policy is founded on established information security principles, common frameworks and accepted best practices.

  • Whether it is personal information, personal health information, or intellectual property, we all share the responsibility to keep it safe and private.
  • Whether you are a student, staff, faculty, or guest, you play an important role in keeping our information safe.
  • No matter where information is stored — in a spreadsheet on your laptop, in a secure database on campus, or in the cloud – you need to understand its value and protect it.

As technology becomes increasingly pervasive in our professional and personal lives—not only on our phones and computers, but embedded in even the most mundane devices like thermostats, refrigerators, and cars—cybersecurity, likewise, becomes increasingly indispensable. It is essential that all stakeholders—whether engineer, developer, provider, or end-user—understand the inherent security risks of a technology, and implement a coordinated response to mitigate these threats. The IT groups on campus can, with the cooperation of users, help evaluate and coordinate this response on campus and beyond.

Ryan Poole, Senior Technical Specialist, Computer Services Unit