Information Security

Technology changes on a daily basis. It allows students, faculty and staff to leverage innovations that help us all work faster, smarter and achieve more, but protecting information and assets is becoming increasing difficult in this hyper-connected world. The Information Security team partners with Endpoint Services, Network Services, and System Operations to provide cohesive Foundational Technology Services within ITS.

In an effort to protect the information of students, faculty, staff, alumni and friends, the University, working through the Information Security, Risk and Compliance Committee, maintains policies and process to help classify, find and secure information in compliance with state and federal regulations. 

Protecting data at WPI is addressed in five major areas. They include:  

  1. Identifying Sensitive Information. Not all data are equal; to help with the process of identifying what information is considered confidential, WPI created a Data Classification and Usage Policy which breaks out data into four major categories.
  2. Providing Rules for Data Usage.  Understanding how to access and store restricted use information vs. unrestricted information is also critical to keeping information safe. To assist with this process, rules on how to store and use data properly are also detailed in WPI's Data Classification and Usage Policy.
  3. Reviewing Data Collection Practices. On a routine basis, many employees receive sensitive data in both electronic and paper form. As part of WPI's efforts to comply with state regulations, we work with various departments on Data Privacy Assessments to ensure that the institution is handling all sensitive information properly.
  4. Retention and Destruction. Confidential data becomes more vulnerable to mishandling the longer it sits around. Data retention policies are useful documents that deal with complex issues of maintaining information for a pre-determined length of time. The Information Security, Risk and Compliance Committee is working on revising WPI's Retention and Destruction Policy. More details will be coming soon.
  5. Awareness and Training. Understanding threats to information is very important in avoiding data breaches. We continually share best practices and educate the community about information security risks and prevention.

Information Security Awareness

Preview

lock in front of WPI computer

SECURE IT is published monthly by WPI’s Information Security Office. View the April 2024 edition. The newsletter is loaded with tips, videos, and resources about varied topics to educate our community about best practices for work and personal cybersecurity. Here you will find news highlights, phishing alerts, WPI Information Technology (IT) security and policy updates, and tips related to keeping devices and data secure.

RESOURCES including the latest phishing schemes, how-to articles, and more are available on the WPI Hub.

OUTREACH is offered to the community through webinars and in-person events advertised in SECURE IT. Employees also have access to Cybersecurity Awareness on-demand materials via the WPI Learning Academy.

Meet the Information Security Team

LeeAnn LeClerc
LeeAnn LeClerc
Chief Information Security & Technology Officer, Information Technology

Welcome to the fortress of cybersecurity expertise, where LeeAnn LeClerc, CISSP and the Information Security & Architecture team stand as the vigilant guardians of our digital landscape. As WPI’s Chief Information Security Officer (CISO), LeeAnn brings a wealth of experience and a strategic vision to fortify WPI against the evolving landscape of cyber threats.A seasoned cybersecurity professional with a career spanning more than 20 years in Information Technology including networking, infrastructure and cybersecurity, Leeann has dedicated her expertise to the art and science of securing ...

view profile