Policy Glossary S - U
Awareness of security and controls, in non-technical terms, conveyed to motivate and educate users about important security protections that they can either directly control or be subjected to.
An event that results in any of the following:
Unauthorized access or modification to the CSU information assets. An intentional denial of authorized access to the CSU information assets. Inappropriate use of the CSU’s information systems or network resources. The attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations.
Specific technical understanding of how to secure the confidentiality, integrity and availability of applications, operating systems and information assets to prevent or detect security incidents
An item which can be used to limit the visibility of content displayed on a computer screen to those who are immediately in front of it.
(also known as “System Personnel” or “Service Providers”)
Individuals, who manage, operate, support campus information systems; or manage networks.
For the purposes of the CSU Security Program, third parties include, but are not limited to, contractors, service providers, vendors, and those with special contractual agreements or proposals of understanding.
A person or agent that can cause harm to an organization or its resources. The agent may include other individuals or software (e.g. worms, viruses) acting on behalf of the original attacker.
Anyone or any system which accesses the CSU information assets. Individuals who need and use University data as part of their assigned duties or in fulfillment of assigned roles or functions within the University community. Individuals who are given access to sensitive data have a position of special trust and as such are responsible for protecting the security and integrity of those data.