Image Spacer
Site Index | Phone Directory | Search
Long Beach City College Image Spacer
spacer
Site Navigation
Information Security Home
Instructional & Information Technology
Data Classification
Phishing
 
spacer
Image SpacerAdmissionsCounselingDisabled Student ServicesEOPSFinancial Aid
Gray rule
spacer
spacer
Information Security Home
Information Security

Information Security Overview 

Information Security is the set of processes that safeguards information and its related assets, regardless of its current form or state. As such, information security encompasses more than computer security. For instance, in addition to cyber-criminals attempting to gather confidential information, it includes physical risks such as theft and natural disasters.

The California State Administrative Manual defines Information Security as follows.

“Information security refers to the protection of information, information systems, equipment, software, and people from a wide spectrum of threats and risks. Implementing appropriate security measures and controls to provide for the confidentiality, integrity, and availability of information, regardless of its form (electronic, optical, oral, print, or other media), is critical to ensure business continuity, and protect information assets against unauthorized access, use, disclosure, disruption, modification, or destruction. Information security is also the means by which privacy of personal information held by state entities is protected.“

Information security management is an ongoing process of continual improvement. The Long Beach Community College District (LBCCD) is committed to protecting and managing its information assets. Therefore, LBCCD is in the process of adopting the California Community College Information Security Standard as defined by the California Community College Security Center.

Basic Principles

The CIA triad (Confidentiality, Integrity, and Availability) is a model that is used to guide security policy development. In the context of the CIA triad, ISO27002 defines information security as the preservation of the following.

Confidentiality 
Ensuring that information is accessible only to those authorized to have access.
Integrity
Safeguarding the accuracy and completeness of information and processing methods.
Availability
Ensuring that authorized users have access to information and associated assets when required.

Data Classification

LBCCD collects, compiles, stores, and manipulates data from a variety of sources. In order to apply the appropriate security protocols for safeguarding the data, the college must first classify the data into one of three levels: (1) confidential, (2) internal use, and (3) general.

Level 1: Confidential
Protected data that is sensitive in nature, poses a severe risk if exposed, and/ or is governed by legal statute. 
Level 2: Internal Use
Protected data that is sensitive in nature, and/ or poses a moderate risk if exposed.
Level 3: General
Disclosure of this information does not expose the college to financial loss or jeopardize the security of the college’s information assets.

Further details regarding data classifications can be found in the Long Beach Community College District Data Classification Standard.

Awareness and Training

The LBCCD security awareness program shall provide and promote awareness of the following.

  • LBCCD information security policies, standards, procedures, and guidelines. 
  • Potential threats against LBCCD protected data and information assets. 
  • Appropriate controls and procedures to protect the confidentiality, integrity, and availability of protected data and information assets. 
  • LBCCD notification procedures in the event protected data is compromised.
LBCCD shall provide basic information security training for all employees. Individuals whose job functions require access to level 1 or level 2 data will undergo training relevant to those classifications.



spacer