Information Technology

Computer Use Policy

Misuse of computing, networking, or information resources may result in the restriction of computing privileges. Additionally, misuse can be prosecuted under applicable statutes. Users may be held accountable for their conduct under any applicable University or campus policies, procedures, or collective bargaining agreements. Complaints alleging misuse of campus computing and network resources will be directed to those responsible for taking appropriate disciplinary action. Reproduction or distribution of copyrighted works, including, but not limited to, images, text, or software, without permission of the owner is an infringement of U.S. Copyright Law and is subject to civil damages and criminal penalties including fines and imprisonment.

Read more about Computer Use Policy

Online Activities Policy

Establishes policy for areas not addressed by other existing policies, related to the use of electronic resources.

Read more about Online Activities Policy

Minimum Security Standards for Networked Devices - (MSSND)

UC Berkeley’s Minimum Security Standards identify the minimum level of protection required for devices on our campus network and devices that store, process, or access institutional information.

Read more about Minimum Security Standards for Networked Devices - (MSSND)

Protection of Computerized Personal Information

The purpose of this State provision and University implementing requirements is to enhance the management of personal information that could be used, possibly in conjunction with other information, to impersonate an individual in ways that might cause serious loss of privacy and/or financial damage.

Read more about Protection of Computerized Personal Information

Data Classification

The UC Berkeley Data Classification Standard is UC Berkeley’s implementation of the UC Systemwide Data Classification Standard. UC BFB IS-3 establishes that Institutional Information and IT Resources must be protected according to their classifications. This Standard is a framework for assessing the adverse impact that loss of confidentiality, integrity or availability of Institutional Information and IT Resources would have upon the Campus. It provides the foundation for establishing security requirements for each classification of data.

Read more about Data Classification

Administering Appropriate Use of Campus Computing and Network Services

These Guidelines are intended to assist Berkeley Campus departments or units to ensure appropriate use of their computing and network services and to respond correctly to allegations of misuse. Berkeley Campus departments or units may choose to provide or not provide computing and network services to defined categories of users, and may limit the types of services they do choose to provide. These decisions are based upon consideration of campus or local department or unit missions, available resources, or other academic or business needs and priorities. Berkeley Campus departments or units who do provide computing and network services (hereinafter referred to as "Providers") must ensure that their services are administered in compliance with any applicable regulations and principles. To this end, they must keep themselves informed regarding current regulations and practices, consulting with campus authorities or documentation resources as required. Since the Campus may be viewed as one legal entity, actions taken by Providers in response to allegations of misuse must be as consistent as possible for similar situations, both within a particular department or unit as well as in comparison to others on campus. To help Providers meet this requirement, various campus resource offices are available for consultation and/or referral for action.

Read more about Administering Appropriate Use of Campus Computing and Network Services

Application System Development Policy

This Policy applies to major application system development or enhancement. "Major" means either a system that has users in more than one department, or a single-department system that is expected to cost more than $100,000, to develop and implement. Cost includes hardware, software, and contract personnel.

Read more about Application System Development Policy

Domain Name System (DNS) Service Policy

The Information Systems and Technology - Communication and Network Services (CNS) department is the steward of the Berkeley Campus network. In fulfilling that role, CNS serves as the central point of contact for the outside world and has responsibility to ensure that management of this University resource complies with applicable laws and regulations.

Read more about Domain Name System (DNS) Service Policy

Routine Network Monitoring Policy

Monitoring of the Berkeley Campus network shall conform to the requirements of the ECP as implemented on the Berkeley Campus and be performed only by authorized UC employees or contractors in accordance with this policy, all other UC and Berkeley Campus policies, and applicable laws. Any additional network monitoring activities beyond those listed must be granted approval from IRGC. IRGC will also periodically review routine network monitoring to ensure such practices strike an appropriate balance between privacy and security. Any networking monitoring practices not approved by IRGC shall be prohibited.