Storing and transporting electronic information, if done without appropriate attention to the security of that information, can expose it to unauthorized access, theft, and other risks. The greatest concern is with information considered personal and confidential, and that is a primary focus of the Electronic Information Security Guidelines.
Unfortunately, many prominent universities have endured serious incidents where personal or confidential information was exposed, often unintentionally. The risks can be great, both for the individual whose personal information may fall into the wrong hands, and for the University in terms of reputation, legal and other costs, and embarrassment. The level of risk is also increasing quite rapidly. In recent years, the number of information security incidents at universities and the number of universities affected both increased by almost 70%. Because information handling practices at universities are generally believed to be more lax, universities are being increasingly targeted by persons seeking to access personal data for whatever purpose, including identity theft.
So, it is incumbent upon all members of the Queen's community to be aware of risky practices to avoid, and to understand and adopt safer information handling and management practices. Much effort and funding has been going into strengthening the information security defences around Queen's systems, and we need everyone to exercise greater diligence to preserve the integrity and privacy of information at Queen's.
Please contact the Information Systems Security Office.