FAQ

What are the various Algonquin College security units?

  • The Safety, Security and Emergency Management team oversees College general safety and security, including campus security systems and the security guard service. The main security office is located at C128. Security Services provides services to ensure the security and protection of staff, students and College assets on a 24hr/day basis.
  • The Information Technology Services (ITS) Information Security unit oversees College Information Security practices. This includes the protection of all information and information systems. The unit is located within ITS’ offices, located on the 3rd floor of Building C.
  • The two security units work closely together to help safeguard College informational assets.

What are the various Algonquin security contacts?

Where can I find more information about Information Security practices at Algonquin College?

Please visit our website at www.algonquincollege.com/infosec

What should I do about an unusual e-mail that I received?

First, congratulate yourself for being alert and helping secure our computing environment. There is a high likelihood that you may have received a “phishing” email attack. DO NOT click on any links. DO NOT reply or forward it to any other person. First, forward the email (using “forward as an attachment, or incorporate the full message within a new email) to spamorscam@algonquincollege.com so that we can analyze it. Then delete the email. You can read more about phishing attacks on the InfoSec website at www.algonquincollege.com/infosec

What should I do now about a phishing e-mail I clicked on?

You may have started cyber attack process that loads malicious software onto your computer, thus time is of the essence. Immediately contact the ITS Client Care at extension 5555 and/or drop a e-mail to 5555@algonquincollege.com. Please also notify the Information Security Unit at infosec@algonquincollege.com so that we can follow up. Turn your computer off until you receive ITS assistance.

What should I do about an e-mail I received that requests my user name and password?

Don’t reply! No professional business will ask you for your password through e-mail. Nor will the College. It is likely a phishing attack.

You should never tell nor share your passwords with anyone. Not even Algonquin College ITS staff.

If you ever accidentally divulge your password, you should change that password (wherever you have used that particular password) as soon as possible.

How do I create strong passwords meeting College requirements?

Directive IT05 (Information Sensitivity and Security) provides password use requirements.

  • Must be at least 8 characters in length, unless the system doesn’t support it
  • Must use at least one upper and one lower case character
  • Must use at least one number, Should include an odd character (!@#$%^&*)
  • Must not include personal information nor be found in a dictionary
  • Must be changed minimally every 120 days

It is a best practice to use a password of at least 12 characters in length, using an easy to remember pass-phrase that includes these mandatory character requirements.

It is also a best practice to use different strong passwords for different systems or websites. Online banking and other high value passwords should always have their own unique passwords.

Consider using an online password vault to help keep track of all of your passwords, such as lastpass.com.

How do I securely dispose of unwanted hard drives and other media?

As a staff member, you can drop off broken or unwanted hard disks, optical media, USB drives, diskettes and other computer media that you have used at work (or at home in support of work) and we will ensure they are securely disposed of and recycled in an environmentally friendly way. Doing so is a great way to help reduce the risk of accidental sensitive information disclosure, and possible costly breach notification. Contact infosec@algonquincollege.com

Are USB drives safe to use at the College?

No. USB drives – also called thumb drives – as well as portable hard drives, can hold a significant amount of sensitive information. If lost, and usually it is a question of “when” not “if”, it can result in the compromise of staff and/or student personal information, sensitive business information, and/or sensitive third-party information entrusted to the college. This in turn can lead to significant legislative penalties, lawsuits, and loss of reputation, among other risks.

You may not store sensitive College information on unencrypted USB drives. Therefore, If there are no alternative approaches and you must use a USB drive, then use a 4GB secure encrypting USB drive, which are available from the Information Security Unit or the New Technology Bookstore. Keep in mind that these require strong passwords to protect them – make sure to write the password down and store in a secure, locked place. If you lose the password, you will not be able to recover the information. There is no backup.

You may not store personal health information (PHI) on any portable media of any kind, encrypted or not.

Please contact the Information Security Unit for your particular information storage needs, at infosec@algonquincollege.com