Information Technology

Minimum Security Standards for Networked Devices (MSSND)

UC Berkeley’s Minimum Security Standards identify the minimum level of protection required for devices on our campus network and devices that store, process, or access institutional information.

Read more about Minimum Security Standards for Networked Devices (MSSND)

Minimum Security Standards for Electronic Information (MSSEI)

The Minimum Security Standards for Electronic Information (MSSEI) define minimum security standards for all UC Berkeley Institutional Information and IT Resources. All Workforce Members who use or have access to Institutional Information and/or IT Resources must comply with the applicable information security requirements defined by the MSSEI.

Read more about Minimum Security Standards for Electronic Information (MSSEI)

Data and IT Resource Classification Standard

The UC Berkeley Data Classification Standard is UC Berkeley’s implementation of the UC Systemwide Data Classification Standard. UC BFB IS-3 establishes that Institutional Information and IT Resources must be protected according to their classifications. This Standard is a framework for assessing the adverse impact that loss of confidentiality, integrity or availability of Institutional Information and IT Resources would have upon the Campus. It provides the foundation for establishing security requirements for each classification of data. UC BFB IS-12 establishes Recovery Level (RL) to guide IT Recovery planning and preparation for IT Resources. At UC Berkeley, Recovery Level classification is required for non-research IT Infrastructure and Services to which IS-12 applies.

Read more about Data and IT Resource Classification Standard

Acceptable Use of Technology Resources ("Acceptable Use Policy")

Read more about Acceptable Use of Technology Resources ("Acceptable Use Policy")

Privacy Statement for UC Berkeley Websites

Ensures that campus websites and servers do not actively share (re-distribute or sell) personally-identifiable information that they may collect

Read more about Privacy Statement for UC Berkeley Websites

SUPERSEDED: Computer Use Policy*

In support of the University's mission of teaching, research, and public service, the University of California, Berkeley provides computing, networking, and information resources to the campus community of students, faculty, and staff. Computers and networks can provide access to resources on and off campus, as well as the ability to communicate with other users worldwide. Such open access is a privilege, and requires that individual users act responsibly. Users must respect the rights of other users, respect the integrity of the systems and related physical resources, and observe all relevant laws, regulations, and contractual obligations.

Read more about SUPERSEDED: Computer Use Policy*

Automated License Plate Recognition Systems and Information

UC Berkeley utilizes Automated License Plate Recognition (ALPR) technology to support management of campus parking facilities. This Policy specifies the allowable uses of and requirements for ALPR Systems and ALPR Information at UC Berkeley; designates the Administrative Vice Chancellor as the Campus ALPR Authority; and provides authorization for UC Berkeley Parking & Transportation to operate ALPR Systems and use ALPR Information.

Read more about Automated License Plate Recognition Systems and Information

Campus Information Technology Security Policy

In order to fulfill its mission of teaching, research, and public service, the campus is committed to providing a secure yet open network that protects the integrity and confidentiality of information while maintaining its accessibility. Each member of the campus community is responsible for the security and protection of electronic information resources over which they have control. Resources to be protected include networks, computers, software, and data. The physical and logical integrity of these resources must be protected against threats such as unauthorized intrusions, malicious misuse, or inadvertent compromise. Activities outsourced to off-campus entities must comply with the same or equivalent security requirements as in-house activities.

Read more about Campus Information Technology Security Policy

Privacy and Online Monitoring

Defines requirements for notice, analysis, review, and approval of routine monitoring practices. If monitoring involves electronic communications, the escalation process for non-routine use of monitoring data must meet the requirements of the systemwide Electronic Communications policy.