CSC Information Technology Policies
Incident Response Policy
The purpose of this policy is to clearly define roles and responsibilities for the reporting, investigation and response of computer security incidents and data breaches.
Computer Use Policy
The purpose of this policy is to educate users about their responsibilities regarding acceptable use of University computers/networks. We also describe and prohibit unacceptable use of University computers/networks.
Information Systems Security Policy
This general security policy has been developed to ensure data integrity and confidentiality for all administrative computer systems at the ÌìÃÀÓ°ÊÓ´«Ã½. This document will provide guidelines for the classification of data resources, and subsequent retrieval and dissemination of that data by various user groups.
Public Use Computer Signage Policy
This policy provides information related to use of computers in publicly accessible locations and the appropriate use of them to protect personal and confidential information.
USA Software Policy
This policy provides guidance in the use of copyrighted software. It was developed by a faculty committee and has been approved by the University's Deans and President as a University policy.
Network Connectivity Policy
The University networks support a wide variety of devices and services of critical importance to the operations of the University. In addition to providing University constituents access to electronic mail, Internet, and file and print services, the networks also support telephony, monitoring of environmental control and other equipment, remote security monitoring, and other essential University services.
Federal Higher Education Opportunity Act of 2008 (HEOA)
The Federal Higher Education Opportunity Act of 2008 (HEOA) imposes various requirements on higher education with respect to illegal sharing of copyrighted material by network users. This document contains guidelines regarding legal and policy implications of illegal file sharing plus legal alternatives for obtaining copyrighted materials.
Software and Cloud Services Purchase/Acquisition Policy
The purpose of this policy is to ensure the compatibility, integrity, and security of University data systems.
Social Security Number (SSN) Protection Policy
The ÌìÃÀÓ°ÊÓ´«Ã½ (USA) collects social security numbers (SSNs) in the process of performing activities for the expressed purpose of supporting the University's mission. An individual's SSN is private and confidential, and every effort must be made to prohibit disclosure and/or improper usage. The purpose of this policy is to limit access to SSNs stored in USA’s files and databases to persons who require them in order to perform their jobs.
Vulnerability Management Policy
Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities that may lead to security or business risk. The Computer Services Center (CSC) is dedicated to securing the network by enforcing proper vulnerability management practices. This policy includes roles and responsibilities of groups, personnel, the vulnerability management process and procedure, and the risk assessment and priorities of identified vulnerabilities.