Information Security

The Office of Information Security (OIS) manages security policies and compliance, protects information assets, creates security awareness and investigates university cybersecurity incidents.

The Office of Information Security (OIS) in the Office of Technology Services (OTS) plays a vital role in ensuring that your computing experience at Towson University is as safe as possible. To do this, OIS is constantly working to prevent phishing scams and the spread of viruses, fend off hackers and perform other behind the scenes security tasks.

Shared Responsibility

Taking the time and responsibility to keep your computer safe and to protect your personal information is a shared priority during your time here at Towson University. Explore the Office of Information Security’s web pages for essential tools and tips to help better secure your computer, personally identifiable information (PII) and data.

Recognize

OIS provides guidance on how to identify and address phishingspam, and virus and malware.

Protect

To create security awareness, OIS provides resources to help you stay safe online. Learn how to protect your password informationmobile devices, and personal data.

Respect

Respect and consider copyright awareness resources when accessing the various university computer systems and creating intellectual property.  

Guidelines for securely hosting online meetings

Webex Meetings Security Guidelines

Follow these guidelines when hosting Webex meetings:

  • Verify attendees/participants prior to interacting within the meeting.
  • Do not enter, process, or store any Confidential Data (e.g., Social Security Numbers, Government IDs, Protected Health Information, etc.).
  • Do not share your audio Host PIN with anyone.
  • Provide meeting passwords only to users who need them.
  • See Cisco's detailed instructions for securely hosting Webex meetings

Webex Personal Room Configurations

Configure the following Webex preferences for your personal room:

  • Enable/Check Room Lock: "Automatically lock my room 0 minutes after meeting starts so people can’t enter until I admit them."
  • Enable/Check Lobby Notifications: "Notify me by email when someone enters my Personal Room lobby while I am away."
  • Disable/Uncheck Personal Room Delegation: "Let others host my Personal Room meetings without me." 
  • If you need to allow someone else to host the meeting, select the “Let me choose alternate hosts for my Personal Room meeting" and enter their email address.

Zoom Meeting Security Guidelines

Follow these guidelines when hosting Zoom meetings:

  • Verify attendees/participants prior to interacting within the meeting.
  • Do not enter, process, or store any Confidential Data (e.g., Social Security Numbers, Government IDs, Protected Health Information, etc.).
  • Don’t publish your Zoom Personal Meeting ID or URL publicly.
  • Provide meeting passwords only to users who need them.
  • Reference Zoom’s best practices for securing your Zoom Meetings (PDF).

Zoom Personal Room Configurations

Configure the following Zoom preferences for your personal room:

  • Enable/Check “Only authenticated users can join meetings” (also for Web client): The participants need to authenticate prior to joining the meetings, hosts can choose one of the authentication methods when scheduling a meeting.
  • Enable/Check “Waiting Room”: When participants join a meeting, place them in a waiting room and require the host to admit them individually.
  • Disable/Uncheck “Co-host”: Allow the host to add co-hosts. Co-hosts have the same in-meeting controls as the host.
  • Enable/Check Screen Sharing: One participant can share at a time (or multiple participants simultaneously.
  • Use Zoom “Security” button features to quickly secure your meeting once you start a meeting.
 

Confidential/Sensitive Meetings

Be extra diligent about protecting TU confidential data: 

  • Understand TU's definition and classifications of confidential data.
  • Make sure the meeting is not recorded.
  • Ensure the meeting is password protected, which requires participants to enter a password to join.
  • Confirm meeting topics or calendar invites do not include any sensitive information.