Information Security

Technology changes on a daily basis. It allows students, faculty and staff to leverage innovations that help us all work faster, smarter and achieve more, but protecting information and assets is becoming increasing difficult in this hyper-connected world. The Information Security team partners with Endpoint Services, Network Services, and System Operations to provide cohesive Foundational Technology Services within ITS.

In an effort to protect the information of students, faculty, staff, alumni and friends, the University, working through the Information Security, Risk and Compliance Committee, maintains policies and process to help classify, find and secure information in compliance with state and federal regulations. 

Protecting data at WPI is addressed in five major areas. They include:  

  1. Identifying Sensitive Information. Not all data are equal; to help with the process of identifying what information is considered confidential, WPI created a Data Classification and Usage Policy which breaks out data into four major categories.
  2. Providing Rules for Data Usage.  Understanding how to access and store restricted use information vs. unrestricted information is also critical to keeping information safe. To assist with this process, rules on how to store and use data properly are also detailed in WPI's Data Classification and Usage Policy.
  3. Reviewing Data Collection Practices. On a routine basis, many employees receive sensitive data in both electronic and paper form. As part of WPI's efforts to comply with state regulations, we work with various departments on Data Privacy Assessments to ensure that the institution is handling all sensitive information properly.
  4. Retention and Destruction. Confidential data becomes more vulnerable to mishandling the longer it sits around. Data retention policies are useful documents that deal with complex issues of maintaining information for a pre-determined length of time. The Information Security, Risk and Compliance Committee is working on revising WPI's Retention and Destruction Policy. More details will be coming soon.
  5. Awareness and Training. Understanding threats to information is very important in avoiding data breaches. We continually share best practices and educate the community about information security risks and prevention.

Information Security Awareness

Preview

lock in front of WPI computer

SECURE IT is published monthly by WPI’s Information Security Office. View the latest edition. The newsletter is loaded with tips, videos, and resources about varied topics to educate our community about best practices for work and personal cybersecurity. Here you will find news highlights, phishing alerts, WPI Information Technology (IT) security and policy updates, and tips related to keeping devices and data secure.

RESOURCES including the latest phishing schemes, how-to articles, and more are available on the WPI Hub.

OUTREACH is offered to the community through webinars and in-person events advertised in SECURE IT, and select learning modules provided via KnowBe4. Employees also have access to Cybersecurity Awareness on-demand materials.

Meet the Information Security Team

LeeAnn LeClerc
LeeAnn LeClerc
Chief Information Security & Technology Officer, Information Technology Services

Phone: +1 (508) 8315000 x6774

LeeAnn LeClerc, CISSP is the Chief Information Security & Technology Officer (CISTO) for Foundational Technology Services (FTS).  As WPI’s Chief Information Security & Technology Officer (CISO / CTO), LeeAnn brings a wealth of experience and a strategic vision to fortify WPI against the evolving landscape of cyber threats. Working closely with Senior Leadership and the WPI community she is an advocate for the Institution's total information security and Technology needs and is responsible for the development and delivery of a comprehensive information security and infrastructure ...

Chev Right Icon of hollow arrow pointing right Arrow Right Icon of arrow pointing right view profile