Protecting the Barnard Community from Network-Based Cyber-Threats
Effective Date: April 15, 2019
Executive Summary
Barnard College needs to protect the Barnard community from the cyber based threats on our networks. This policy defines when and how traffic on the Barnard network will be protected from cyber threats through the most effective use of the security tools at the College’s disposal to manage this changing risk.
BCIT will continue to evaluate security threats and adjust our protections to keep pace with the changing risk.
An exception process will be available to enable access to known malicious sites for research purposes, if necessary.
Reason for the Policy
Every month Barnard sees an increasing number of attempted cyber-attacks that we protect against. Some of these attacks are designed to remove data from our environment. Imminent changes will block malicious inbound and outbound traffic using enhanced capabilities on our firewalls.
BCIT is not implementing these enhanced controls to censor use of the Internet or Barnard resources, but rather to help protect the Barnard community and the sensitive and personal information that we manage on behalf of our community, from known cyber threats.
Who is Responsible for This Policy
Barnard's Vice President for Information Technology or her designee and the General Counsel are responsible for the maintenance of this policy and for responding to questions regarding this policy. The college reserves the right to amend this policy at any time.
Who is Governed by This Policy
This policy applies to all individuals on the Barnard College campus who use the Barnard network.
Policy Statement
In order to protect the Barnard community from malicious internet traffic, BCIT has enhanced security controls on our network. Effective immediately, BCIT will block network traffic associated with critical cyber threats pertaining to malware, phishing, and spyware as identified by our network security devices.
From time to time, BCIT may block malicious traffic to and from the Barnard network or to specific targeted devices to respond to a security incident or ongoing threat under exigent circumstances. These actions will be taken in coordination with the Office of General Counsel in order to protect the health of our systems and confidentiality of College and/or personal information.
When network traffic is blocked, a notification from the security system explaining the rationale for the block will be provided, whenever possible.
lf access to a blocked location or function is needed, an exception request can be submitted through the BCIT Service Desk. In some cases, the risk to the Barnard community and our sensitive information may be too significant for the exception to be approved and an alternate solution may be required.
Cross Reference to Related Policies
Data Access Policy
Acceptable Use Policy
For questions or comments:
Barnard College Information Technology
Telephone: 212-854-7172
Revision History
Policy Issued: 04-15-2019