Page History

General Information Security Policies

• EDUCAUSE Security Policies Resource Page (General)

• Computing Policies at James Madison University

• Computing Policies at University of Iowa

• University of California at Los Angeles (UCLA) Electronic Information Security Policy

• University of Notre Dame Information Security Policy

• University of Iowa Information Security Framework

• Carnegie Mellon Information Security Roles and Responsibilities

• Stanford University Computer and Network Usage Policy

Privacy Policies

• EDUCAUSE Campus Privacy Policies Resource Page

• University of Texas Health Science Center at San Antonio Information Resources Privacy Policy

• University of Minnesota Selecting an Online Privacy Policy

• Stanford Privacy and Access to Electronic Information

• University of Miami School of Medicine: Privacy/Data Protection Project

Acceptable Use Policies

• University of Texas Health Science Center at San Antonio Acceptable Use Policy

• University of Minnesota Acceptable Use of information Technology Resources Policy

• Purdue University Acceptable Use Policy

• University of Texas Health Science Center at San Antonio Internet Use Policy

• University of North Carolina at Greensboro Blackboard Use Policy

Data Classification and Governance

• EDUCAUSE Campus Data Classification Policies

• Carnegie Mellon Guidelines for Data Protection

• State of Texas Department of Information Resources Data Classification Guide

• University of Texas at Austin Data Classification Standard

• University of Texas Health Science Center at San Antonio Data Classification Policy

• Carnegie Mellon Guidelines for Data Classification

• Stanford University Data Classification

• Purdue University Data Classification and Governance Policy

SSNs

• University of Iowa SSN Policy

• Purdue University Social Security Number Policy

• Northwestern University Secure Handling of Social Security Numbers Policy

Encryption

• University of Texas at Austin Data Encryption Guidelines

• Northwestern University Data Encryption Policy

• UCLA Protection of Electronically Stored Personal Information Policy

Disposal of Computers, Hard Drives

• EDUCAUSE Guidelines for Data Media Sanitization and Disposal

• NIST SP 800-88 Guidelines for Media Sanitization

• University of Texas Health Science Center at San Antonio Storage Media Control Policy

• Northwestern University Disposal of Computers Policy

• Carnegie Mellon Guidelines for Data Sanitization and Disposal

IdentityandAccessManagementPolicies

• University of Iowa Enterprise Authentication Policy

• Purdue University Authentication and Authorization Policy

• Stanford University Identification and Authentication Policy

• University of South Carolina Data Access Policy

• Virginia Tech Administrative Data Management and Access Policy

• University of Texas Health Science Center at San Antonio Administrative and Special Access Policy

• Carnegie Mellon Guidelines for Appropriate Use of Administrator Access

Passwords

• University of Texas Health Science Center at San Antonio Access Control and Password Management Policy

• Carnegie Mellon Guidelines for Password Management

• University of Iowa Enterprise Password Policy

Physical Access

• University of Texas at Austin University Data Center Security Policy

• University of Texas at Austin University Identification Card Guidelines

• University of Texas Health Science Center at San Antonio Physical Security for Electronic Information Resources

• Cornell University Responsible Use of Video Surveillance Systems

Incident Management and Response

• University of Texas Health Science Center at San Antonio Information Security Incident Reporting Policy

• University of Iowa Computer Security Breach Notification Policy

• UCLA Notification of Breaches of Computerized Personal Information Policy

• University of Minnesota Reporting and Notifying Individuals of Security Breaches Policy

• NIST SP 800-61 Computer Security Incident Handling Guide

Backup and Data Recovery

• University of Texas Health Science Center at San Antonio Data Backup Policy and Guideline

• University of Iowa Backup and Recovery Policy

Email and Instant Messaging

• EDUCAUSE Email Policies

• State of Texas Department of Information Resources Internet and Email Domain Name Policy

• University of Texas Health Science Center at San Antonio Electronic Mail Use and Retention Policy

• Purdue University Electronic Mail Policy

• University of Texas at Austin University Electronic Mail Student Notification Policy (Use of E-mail for Official Correspondence to Students)

• Carnegie Mellon Instant Messaging Security and Use Guidelines

Social Media

• State of Texas Social Media Policy

• Stanford University Chat Rooms and Other Forums Policy

• Drexel University Social Media Policy

• Ball State University Social Media Policy

• University of California Santa Barbara Social Networking Guidelines for Administrators

• University of Florida Social Media Guidelines

• State University of New York Social Media Policy

Cloud Computing

• University of California Cloud Computing Task Force

• Cornell University Outsourcing and Cloud Computing resource page

• Purdue University Cloud Computing Consumer Guidelines

• University of Texas Health Science Center at San Antonio Third-Party Management of Information Resources Policy

Technology Procurement

• Northwestern University Policy for Information Technology Acquisition, Development and Deployment

Mobile Device Policies

• EDUCAUSE Campus Cell Phone Policies

• University of Texas Health Science Center at San Antonio Portable Computing Policy

• University of Texas at Austin Handheld Hardening Checklists

• University of Oregon Mobile Device Security Policy Recommendations and Questions

• University of Pennsylvania Server-Managed Personal Digital Assistant (PDA) Policy with Disclaimer

Minimum Security Requirements Network Devices

• UCLA Minimum Security Standards for Network Devices Policy

• University of Texas Health Science Center at San Antonio Computer Network Security Configuration Policy

• University of Texas at Austin Minimum Security Standards for Systems

• University of Texas Health Science Center at San Antonio Administration of Security on Server Computers Policy

• University of Texas at Arlington Server Management Policy

• Northwestern University Server Certificate Policy

• University of Texas Health Science Center at San Antonio Administration of Security on Workstation Computers Policy

• University of Minnesota Basic Security for Computers and Other Electronic Device

Networking Policies

• UNC-G: Wireless Networking

• Appalachian State University: Open Servers VLAN Policy

• University of Texas Health Science Center at San Antonio Network Access Policy

• University of California at Berkeley Guidelines and Procedures for Blocking Network Access

Firewall Maintenance

• Northwestern University Firewall Policy

VPN Usage

• Northwestern University Usage of the NU SSL VPN Policy

Web Application Security Policies

• University of Texas Health Science Center at San Antonio Web Application Security Policy

• Carnegie Mellon Web Server Security Guidelines

SQL Databases and Proxy Servers

• Carnegie Mellon Proxy Server Guidelines

Application Service Provider

• University of Texas at Austin Minimum Security Standards for Application Development and Administration

Research Application Hosting

• Carnegie Mellon Procedures for Requesting Access to Network Data for Research

File Sharing

• University of Texas Health Science Center at San Antonio Peer-To-Peer Access Policy

Risk Management

• UT Health Science Center at San Antonio Electronic Information Security Risk Management Policy

Security Monitoring

• University of Texas at Austin Network Monitoring Guidelines

• University of Texas Health Science Center at San Antonio Security Monitoring Policy

Security Training

• UT Health Science Center at San Antonio Information Security Training and Awareness Policy

DNS Policies

• EDUCAUSE Campus Domain Name Policies

• Carnegie Mellon Recursive DNS Server Operations Guideline

• Registration and Use of UCLA Domain Names Policy

Copyright

• EDUCAUSE Campus Copyright and Intellectual Property Policies

• Carnegie Mellon Copyright Violation Guideline

PCI

• University of Texas at Austin Minimum Security Standards for Merchant Payment Card Processing

• Stanford University Credit Card Acceptance and Processing Policy

Software Licensing

• EDUCAUSE Campus Licensing Policies

• University of Texas Health Science Center at San Antonio Software Policy

Top of page

Questions or comments? Contact us.

Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).