Tools and Resources




  • Campus border firewall. A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, software, or a combination of both.
  • Encryption. Encryption converts data into a secure form that can be safely moved around and helps CSU, Chico meet its obligations under various data protection laws and policies. One of the most effective ways to protect personally identifiable or other confidential information stored on a computer is to encrypt it.
  • Password Management Software. Provides helpful tools to assist you with creating and storing passwords.
  • Personal Certificates and Digital Signatures. Personal Certificates allow you to sign and encrypt email and digitally sign documents.
  • Vulnerability Management and Scanning. Vulnerability scans provide critical information to the Information Security Office and management as part of the risk assessment process for campus systems.


  • Cloud Computing Security Cloud computing security, including Software as a Service (SaaS), makes use of the cloud computing infrastructure to deliver one application to many users, regardless of their location. Cloud storage of files can expedite collaboration and sharing of information, however users need to be aware that CSU, Chico explicitly forbids the storage of University Level 1 Protected Information and restricts the storage of Level 2 Private Information.
  • Information Security Awareness and Training- CSU, Chico provides Information Security Awareness online and on-campus training materials designed to provide staff and faculty with the knowledge they need to secure information resources.
  • Mobile Device Security. Do's and don'ts to keep your mobile devices and the data stored on them secure against hacking and other security issues.
  • Online Cloud Storage and E-mail. Frequently Asked Questions and Answers relating to storing data in the cloud shares and sending email and attachments securely.
  • Records Retention. Campus implementation of the CSU Executive Order 1031. It is intended to ensure compliance with legal and regulatory requirements regarding records retention while implementing appropriate oprational best practices.
  • Resources for Managing Third Parties and Contracts. The CSU information security policy provides direction for managing third party relationships and contract language.
  • Secure Disposal of Paper / Shredding and Electronic Media. Any data storage medium - paper, computer, scanner, copier, hard drive, tablet, smartphone - should be treated as if it contained protected data and must be securely wiped prior to transfer or disposal.
  • System/Server Security Worksheet
  • Payment Card Industry Data Security Standard (PCI DSS) Compliance