Information Security Management

Overview

This page provides guidelines, procedures, and standards for managing information security within the College of the Environment. It outlines best practices for protecting sensitive data, managing system vulnerabilities, and responding to security incidents.

Key Policies and Guidelines

1. Incident Response

• FRM-3000.07I: WWU System Incident Response Plan (SIRP) Template

• GDL-3000.07I: Cybersecurity Incident Response Guidelines

2. Account and Access Management

• GDL-3000.07A: Account Types and Passwords

• GDL-3000.07B: Authentication and Access Security Controls

3. Data Management

• GDL-3000.07C: Data Classification Guidelines

• GDL-3000.07J: Encryption Guidelines

4. System Management

• GDL-3000.07D: System Patching Guidelines

• GDL-3000.07E: System Vulnerability Management Guidelines

• PRO-3300.01: Automated Server Configuration Management

• PRO-3300.02: Virtual Asset Categorization

5. Endpoint Protection

• GDL-3000.07F: Secure Endpoints: Deployment and Configuration Guidelines

• GDL-3000.07G: Endpoint Malware and Threat Protection Guidelines

6. Change and Release Management

• GDL-3000.07H: Change and Release Management Guidelines

• PRO-3000.07H: Change and Release Management Procedure

Standards and Procedures

Authentication and Network Services

• STN-3300.01: Providing Wireless Network Service to Campus

• STN-3300.02: Supported Authentication Services

• STN-3000.02: Container Hosting

Security Notifications

• STN-3300.04: DMCA Notifications

Computing and Device Use

• STN-3000.04: Responsible Computing User Agreement

• STN-3300.03: Caller ID Masking

Reporting Security Incidents

If you encounter a security incident or suspect a breach, please refer to the Cybersecurity Incident Response Guidelines for detailed steps on reporting. Early reporting is crucial to protecting our network and sensitive data.

For Assistance

For any security-related questions or issues, please contact:

Beth | Director of Information Security
Email: beth@wwu.edu