An Administrative Procedure Governing Information Security Document #: Pol-slu-it-0004 Effective: August 7, 2025 Owner: Information Technology – Information Security Office 1. PURPOSE The purpose of this Information Security Program is to plan, implement and document the comprehensive administrative, technical and physical safeguards the institution implements to: Ensure the security, confidentiality, integrity, and availability of personal and other sensitive information St. Lawrence University collects, creates, uses, and maintains. Protect against any anticipated threats or hazards to the…

An Administrative Procedure Governing Information Security Document #: POL-SLU-IT-0012 Effective: September 9, 2025 Owner: Information Technology – Information Security Office I. PURPOSE St. Lawrence University (SLU) is responsible for ensuring the security of its information systems by defending its computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks and protecting the confidentiality, integrity, and availability of data. This standard aims to authorize appropriate personnel to investigate and respond to security incidents that immediately…

PURPOSE This standard specifies the technical requirements related to mobile devices that utilize the infrastructure and access Sensitive or Protected St. Lawrence University data. SCOPE St. Lawrence University considers mobile devices to be smart phones, tablets, or other types of highly mobile devices. Laptops are specifically excluded from the scope due to significant differences in security control options. There are two general types of mobile device categories that will impact the applicability of the Standard – University owned and BYOD (Bring Your Own Device)/personal devices. Users…

PURPOSE This standard specifies the technical requirements related to wireless communications and infrastructure at St. Lawrence University. The majority of restrictions for wireless communications is related to sensitive and protected university information, which is defined in the University Data Classification Policy. SCOPE The Wireless network at St. Lawrence University comprises a subsection of the institution’s network infrastructure. The scope of this standard includes infrastructure, user & endpoint access, and management related to these elements. Wireless infrastructure devices…