While your department may have staff who provide computer setup and assistance, ultimately you are responsible for taking care of your computer and guarding the information it holds. Following security guidelines and good business practices is part of doing your job. "The vast majority of computer breaches that we have investigated over the past few years have been the result of poor personal choices, weak computer practices, and less-than-satisfactory data-handling procedures." — Steve Schuster, director of IT Security at Cornell
It is the responsibility of everyone who uses a computer at work to protect Cornell data. The data on your computer is university property that has been placed in your care.
Much of the data we work with is sensitive, such as Social Security numbers, payroll information, grades, and more. However, all university data needs to be protected. For more examples of sensitive data see Different Types of Information.
Keeping your computer secure takes vastly less time than recovering from a security problem. If your computer is compromised, you will likely lose access to it for at least a few hours, possibly days. You may also lose any work you did since your computer was last backed up.
If the security problem put sensitive data at risk, or if your computer is lost or stolen, the effects can be far-reaching:
Recovering from a computer compromise or loss of sensitive data, large or small, can take many people many hours and, as a result, is an expensive activity. For details on steps taken, and people involved to investigate an incident, see Protecting University Data, Consequences of Mishandling Sensitive Data.
In the News: Stanford workers' data on stolen laptop
