Information Security Policy

Mississippi State University necessarily maintains a large amount of sensitive information ranging from personal information about employees and students to research data. Protection of this information from leaks, break-ins, and natural or man-made disasters is of paramount importance. To this end, the Mississippi State University Information Security Policy, OP 01.10, mandates a framework of four components that collectively enhance the information security posture of the institution. These four components are:

  • The Information Security Program which identifies technologies, procedures, and best practices to ensure ongoing institutional focus on the protection of information.
  • The Incident Response Plan which prescribes procedures to effect a timely and appropriate response in the event of an information security breach.
  • The IT Disaster Recovery Plan which mandates procedures to effect the timely and orderly restoration of information technology resources and services in the event of a significant interruption or natural disaster.
  • The Information Technology Council which is charged with oversight and coordination of the Information Security Program, the Incident Response Plan, and the IT Disaster Recovery Plan, as well as review of all significant information security incidents.

While technologies, procedures, and best practices are important tools in protecting the university's information, it is ultimately the responsibility of each individual who has access to the information to maintain proper safeguards to prevent sensitive data from being inappropriately disclosed, damaged, or lost.