Information Technology

Campus Information Technology Security Policy

In order to fulfill its mission of teaching, research, and public service, the campus is committed to providing a secure yet open network that protects the integrity and confidentiality of information while maintaining its accessibility. Each member of the campus community is responsible for the security and protection of electronic information resources over which they have control. Resources to be protected include networks, computers, software, and data. The physical and logical integrity of these resources must be protected against threats such as unauthorized intrusions, malicious misuse, or inadvertent compromise. Activities outsourced to off-campus entities must comply with the same or equivalent security requirements as in-house activities.

Privacy and Online Monitoring

Defines requirements for notice, analysis, review, and approval of routine monitoring practices. If monitoring involves electronic communications, the escalation process for non-routine use of monitoring data must meet the requirements of the systemwide Electronic Communications policy.

Privacy Statement for UC Berkeley Websites

Ensures that campus websites and servers do not actively share (re-distribute or sell) personally-identifiable information that they may collect

Campus Online Activities Policy

Establishes policy for areas not addressed by other existing policies, related to the use of electronic resources.

Email Service Policy

Campus Email Service supplies email and mailing list services in support of the University's mission of education, research and public service and to conduct the University's business. Access to and use of Campus Email Service is a privilege accorded at the discretion of the University. Use of campus email service is subject to legal and policy restrictions that apply to all University property and by constraints necessary for the reliable operation of electronic communication systems and services. The Berkeley Campus reserves the right to deny access to use campus email service when necessary to satisfy these restrictions and constraints.

Acceptable Use of Technology Resources ("Acceptable Use Policy")

In support of the University's mission of teaching, research, and public service, the University of California, Berkeley provides computing, networking, and information resources to the campus community. This policy defines how those resources may be used.

Redelegation to Associate Vice Chancellor - Information Systems and Technology (2003)

Brief description of redelegated authority:

Serve as Berkeley campus Electronic Resource Security Guidelines Coordinator

Date: 3/26/2003 Delegated from: Chancellor Delegated to: Associate Vice Chancellor - Information Systems and Technology Can redelegate? Yes Original document source: BFB-IS-3_chancellor-to-AVC.IST_30840457_accessible.pdf(link is external)

Domain Name System (DNS) Service Policy and Resources

The purpose of this policy is to define the terms under which the Domain Name System (DNS) is operated and maintained while also ensuring that the requirements of stakeholder groups are met. This policy is intended to ensure that the University utilizes limited DNS resources appropriately, that the University’s name and brand is protected, that security and legal risks are mitigated, and that DNS resources are allocated to the campus community appropriately.

Minimum Security Standards for Networked Devices (MSSND)

UC Berkeley’s Minimum Security Standards identify the minimum level of protection required for devices on our campus network and devices that store, process, or access institutional information.

Minimum Security Standards for Electronic Information (MSSEI)

The Minimum Security Standards for Electronic Information (MSSEI) define minimum security standards for all UC Berkeley Institutional Information and IT Resources. All Workforce Members who use or have access to Institutional Information and/or IT Resources must comply with the applicable information security requirements defined by the MSSEI.