The Information Security Office working closely with the Network and Systems team and the Information Security Committee maintains, monitors and provides information security administration and guidance for the Siena College Community with resources and best practices.
These resources and best practices are set in place to help protect the confidentiality, integrity, and availability of data pertaining to Siena College and its community members.
Objectives: Security awareness training, incident response management, information management compliance, risk assessments, privacy, and policy development.
The Information Security Office provides the Siena Community with current security policies and procedures, staff awareness, as well as current security news and tips.
Information security is not just a computer issue. Information security is a business issue. An institution needs to come to terms with an acceptable level of risk, one that balances the health of the network with the health of the academic enterprise.
Mobile Device Management
It differs from traditional phishing attacks in that spear-phishing attacks require research before they are executed.
A traditional phishing attack might occur when someone sends a message to thousands or even millions people with the text “OMG! I cannot believe you are in that video ” whereas a spear-phishing attack would consist of examining carefully the target and his habits. For example, if you mark yourself as attending an event in New York next week but you have set your location to Boston in Facebook an attacker might send a message resembling this: “Hi, John. I heard you are going to New York next week. While you are there, you should definitely check this wonderful restaurant there, I am sure you would love it!”