Skip to Content Skip to Footer

Information Security



Clayton State University recognizes that information and information systems are critical to business functions. It is the responsibility of all users to ensure the safeguarding of business assets as our front line of defense. Information Technology Services (ITS) Security works with university departments, units, and executives in achieving its strategic vision as a partner to the campus community and educator in security awareness and training.

In today’s interconnected world, privacy concerns have become a global issue. Bad actors, including cybercriminals and foreign entities, regularly exploit digital vulnerabilities to breach networks, steal sensitive information, and undermine trust in public institutions. These risks are particularly serious in higher education, where we manage not only institutional operational data but also the personal information of our students, faculty, and staff. Robust security measures are essential to safeguard privacy and maintain the integrity of university systems.

As part of a continued effort, Governor Kemp’s administration has updated the list of prohibited apps and websites. In addition to TikTok, WeChat, and Telegram, the following apps are now also disallowed from use on any state-owned and/or -issued devices, including but not limited to mobile phones, laptops, and tablets:

  • RedNote (social media app)
  • DeepSeek (AI chatbot)
  • Webull (online stock trading)
  • Tiger Brokers (online stock trading)
  • Moomoo (investing app)
  • Lemon8 (social media app)

Applications such as the above list originate from foreign companies with unclear data handling and privacy practices which pose an unacceptable risk to university networks, systems, and institutional data. Therefore, these applications are prohibited on all State owned and USG-managed devices unless required for an authorized law enforcement or security purpose.

IMPORTANT: employees must not use any of these apps on devices--personal or institutional (Foundations)--that are used to access sensitive or restricted University/USG data, including but not limited to health records, financial data, or personally identifiable information. 


What is Information Security?



The term Information Security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

The Division of Information Technology Services (ITS) supports the mission of Clayton State University by building a culture of security awareness and risk management to protect the privacy, confidentiality, integrity, and availability of student, faculty, and staff information in partnership with Data Governance:

  • Confidentiality: Preventing the intentional or unintentional unauthorized disclosure of data.
  • Integrity: ensuring no modifications to data by unauthorized personnel or processes and ensuring internal and external data are consistent and accurate.
  • Availability: ensuring the reliable and timely access to data or computing resources by personnel.   

What is Cybersecurity?


Cybersecurity is protecting information and information systems by preventing, detecting, and responding to attacks.

The cybersecurity landscape continues to change with threat actors becoming more aggressive in their attacks. Information Security is committed to securing the University’s information assets by creating a more educated and secure campus through institutional partnerships.

Cybersecurity is EVERYONE'S responsibility.

Security Awareness


Learn to Identify Common Techniques

 

Phish Tank

Identity Theft Protection

 


Cybersecurity Awareness Training



Must be completed by all Faculty and Staff 

Cybersecurity awareness training is mandated by the Board of Regents in accordance with the USG IT Handbook: 5.9.2 Security Awareness, Training and Education Requirements for all users who access information or information systems. The University System of Georgia (USG) cannot ensure the confidentiality, integrity, and availability of the data asset until each person in the university system understands their roles and responsibilities and all data users have completed training to perform these tasks.

Awareness training will be conducted, attendance is mandatory, completion is documented and will provide practical and simple guidance pertaining to user roles and responsibilities. The governor’s directive for bi-annual cyber training is to achieve high standards system-wide and diligence in the protection and privacy of all data assets managed on a day-to-day basis.


Incident Reporting?



All users of information technology owned or managed by CLSU must immediately report suspected information security incidents (including but not limited to virus infections and computers exhibiting behavior consistent with a compromised machine) to the HUB:

• Events, incidents, and potential breaches (i.e., lost/stolen laptop or external thumb drive) to the HUB at (678) 466-4357 or thehub@clayton.edu

• In events, incidents, and potential/confirmed breaches involving Clayton State University data stored, accessed, managed, or otherwise used by a vendor, the CIO/ Information Security (IS) will involve Legal Counsel, Chief Data Officer, and Procurement Services to provide guidance and to determine if there is also a breach of contract that needs to be pursued. Incidents involving vendors, Information Security and/or the vendor will notify USG Cybersecurity through the Enterprise Service Desk helpdesk@usg.edu at 706-583-2001, or 1-888-875-3697 (Toll free within Georgia).

• Events, incidents, and potential breaches reported to Clayton State personnel by vendors must report the incident to USG Cybersecurity through the Enterprise Service Desk helpdesk@usg.edu at 706-583-2001, or 1-888-875-3697 (Toll free within Georgia) and the HUB at (678) 466-4357 or thehub@clayton.edu.