The purpose of this policy is to assist the organization in its efforts to fulfill its fiduciary responsibilities relating to the protection of information assets and comply with regulatory and ...

A consultant colleague recently reached out with some questions on how to craft a good organizational information security policy. I’ve got experience with this, as a graduate-level legal instructor, ...

The University at Buffalo Information Technology Office (UBIT)’s Information Security Program addresses the full range of information security issues that affect the university, and establishes a ...

Approval and sponsorship for an information security strategy is only the beginning. Implementation of the strategy is when risk is truly mitigated, and applying these five principles is vital to ...

Back in 2006, British mathematician Clive Humby stated that data was the new oil. Like oil, data isn’t useful in its raw state and must be refined, processed, and distributed to deliver value. Nearly ...

The purpose of this policy is to provide a security framework that will ensure the protection of University Information from Unauthorized Access, loss, or damage while supporting the open ...