Drexel

According to US News, Drexel University’s 2018 student enrollment was 21,975 (US News Best Colleges). During the 2017-2018 academic year, Drexel also employed 6,840 people (2017-2018 Drexel University Factbook).

Between applications for acceptance (Drexel accepts approximately 75% of applicants and not all that are accepted choose to enroll), student and employee-generated data (both past and current students), communications, etc., there is a lot of information being generated at Drexel University.

Universities are unique examples of information management and security because employees and non-employees use organizational IT resources.Information management and security policies are critical to protecting any organization and its people, including Drexel.

In this assignment, you will find and learn about the information technology policies and practices in place to keep Drexel information secure and to avoid misuse and unethical behavior. In order to complete the assignment, you will first need to locate the Drexel Epolicies and Information Security webpages. Read the information provided. Then, answers the questions that follow.

https://www.usnews.com/best-colleges/drexel-university-3256
http://drexel.edu/institutionalresearch/factbook/drexel_factbook/2017-2
1. In your own words, describe the policy pertaining to your email privacy. In which Drexel policy did you find this information? Why is it important for Drexel to have this policy and make the policy available to institutional users?
2. Drexel’s Security of Information and Networked Systems describes the steps that Drexel takes to keep your information safe and the steps that you are expected to take for the same purpose. The ‘General Password Policy’ appendix outlines their expectations for your Drexel password. Read through the policy.

This week, we discuss authentication and authorization. Does this policy relate to single, two or multifactor authentication? Is this an effective information security method? Why or why not?

According to the policy, how often are you expected to change your password?

Does Drexel enforce their password policies? Explain.
3. Drexel offers many encryption services, which are outlined here: Encryption_Brochure.pdf. Which line of defense involves encryption? Which encryption described in the brochure pertain to you as a student? How does Drexel prevent the dissemination of unencrypted sensitive information?
4.

Drexel’s network users are frequently the targets of phishing attempts. In fact, Drexel provides a gallery of these fake/scam emails for users to view here: http://drexel.edu/it/help/viruses/debunker/.

What line of defense protects against phishing?

Do you see any common themes or attributes in these emails? How can you protect yourself from phishing? How can Drexel protect you and their organization?
5. Prior to this assignment, were you familiar with the information management and security policies at Drexel? Did any policies in particular surprise you?

Are there any information management or security policies or methods that Drexel does not currently have in place that you believe they should include?