Educause Security Discussion mailing list archives
Re: Confidentiality agreements and IT staff
From: George Farah <george.farah () QUEENSU CA>
Date: Thu, 29 Mar 2012 21:56:21 +0000
Good day As part of the personnel security evolution on my campus, working with legal counsel, I created three CNDAs. One for staff, one for contractors and one for vendors. With engagement and collaboration with HR, and different constituents on campus, we moved on it with IT staff and those who had access to admin systems. From there we are progressing towards integrating in distributed recruitment processes to catch all as they come through the door, staff, faculty and students working with the university. I am a firm believer in the value of CNDA as a personnel security control. Hope that helps Have a great day George Farah, GIAC/GSEC Gold, CRISC, CISA University Information Systems Security Manager Queen's University, Kingston, Ontario, Canada k7l 3n6 george.farah () queensu ca -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David Seidl Sent: March-29-12 9:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Confidentiality agreements and IT staff Folks, I'm curious if you currently require all or most of your IT staff to sign a confidentiality agreement at hire on a recurring basis, and if so, what your reasons for doing so are. We've had one in place for new hires for years, and our business staff has asked if we can dispense with it as a general requirement for all IT staff. I've done a bit of review, and can't find a direct requirement to point to for people who don't have direct compliance related assignments. Thanks in advance for your feedback and comments! David David Seidl, CISSP, GCIH, GPEN Director of Information Security Office of Information Technologies University of Notre Dame Notre Dame, IN 46556 (574) 631-7305 dseidl () nd edu
Current thread:
- Confidentiality agreements and IT staff David Seidl (Mar 29)
- Re: Confidentiality agreements and IT staff Valdis Kletnieks (Mar 29)
- Re: Confidentiality agreements and IT staff Bob Bayn (Mar 29)
- Re: Confidentiality agreements and IT staff Dennis Tracz (Mar 29)
- Re: Confidentiality agreements and IT staff Brian Helman (Mar 29)
- Re: Confidentiality agreements and IT staff Dennis Tracz (Mar 29)
- Re: Confidentiality agreements and IT staff Brian Helman (Mar 29)
- Re: Confidentiality agreements and IT staff Dennis Tracz (Mar 29)
- Re: Confidentiality agreements and IT staff David Seidl (Mar 30)