Know Your Risk: Find and use services that meet your risk classification
Yale classifies its data and IT Systems as high, moderate, or low risk.
As a user of Yale’s data, you are responsible for ensuring you access and store your data in services that match your risk classification.
Do you know the risk of the work that you do? If not, visit our Risk Classification Guideline to learn more.
All systems used to access Yale data must meet the Minimum Security Standards for their risk classification. This ensures you are working securely.
Looking for a service to do your work at Yale securely? This page outlines how to find an existing service that meets your risk level or what to do if you’re using a new system.
To find an existing service…
There are various services and software that can help you do your work securely at Yale. To find a service or software that you need, visit the IT at Yale website. Here, you can search service pages that will indicate the risk classification the service can meet. You can also contact the Service Owner to determine if the application or software is secure for the work you are doing.
When building or purchasing a new service…
If you are building or purchasing a new service or software, this will require a Security Planning Assessment (SPA). The SPA process can confirm if services are secure for the risk classification of your work.
Need Help?
We are here to help you work securely at Yale. To learn more about finding the right service for your work, You can use one of these options:
- Contact your local IT Support Provider. We also refer to this as the user support provider. For more details on this role, visit our MSS page.
- Email information.security@yale.edu with questions regarding the Security Planning Assessment (SPA).
- Contact the ITS Help Desk via phone or email.
Phone: 203-432-9000
Email: helpdesk@yale.edu