UC Santa Cruz - Information Systems Security


A-Z Index \| Find People

Information Security Team
Communications Building
1156 High Street
Santa Cruz, CA 95064
Phone: (831) 459-HELP

SECURITY Home

Technical Alerts

Tips, Tricks and Tools

Detecting a Breach

Reporting an Incident

Restricted Data Resources

About Our Team

Other UCSC Links:
• UCSC Home
• MyUCSC
• ResNet
• UCSC Library
• AIS Home

Maintained by secweb@ucsc.edu
Last Reviewed on Oct 26, 2004

Policies and Guidelines

Policies form the foundation of any security infrastructure. Policies define how the UCSC Information Systems Security Team will approach security, how employees (staff/faculty) need to approach security, how students are to approach security, and how certain situations will be handled.

While this document lists many of the university policies, but is not an exhaustive or complete list. New regulations, policies and procedures are constantly evolving. Laws, policies, or other regulations on aspects not specific to networks or computing may apply, e.g.: student conduct, personnel policy or contract, sexual harassment, chain letter laws, or other regulations.

University of California policies and guidelines
UC Santa Cruz policies and guidelines
Other General UC or UCSC Policies
Local, State, or Federal laws
UCSC Drafts

University of California policies and guidelines specific to computer/network resources:

UC Santa Cruz policies and guidelines specific to computer/network resources:

UCSC Electronic Information Policy Framework (Diagram)

UCSC IT-Related Policies

Protecting Restricted Data
- Practices for Protecting Electronic Restricted Data
- Risk Assessment Matrix
- University Administrative Information Systems, Access to Information Statement (all individuals with access to restricted data should read and sign)

The Electronic Communications Policy (ECP) at UC Santa Cruz
- UCSC Electronic Mail Guidelines (Implementation Procedures for UC Email Policy) Note that these implementation procedures will be updated for the UC Electronic Communications Policy.
- Draft Electronic Communications Implementation Guidelines
- "Access Without Consent" Process and Form (PDF)
- ITS Routine System Monitoring Practices
- SSN Scanning Methodology

Additional Practices, Procedures and Guidelines

Information Technology Services (ITS) Divisional Policies

Glossary of selected terms in UCSC IT-related policies, procedures and guidelines

Other General UC or UCSC Policies and Resources:

Local, State, or Federal laws

United States Code from the Office of the Law Revision Counsel under the U.S. House of Representatives
California legislative information, maintained by the Legislative Counsel of California
United States Copyright Office
Summary of Federal E-Discovery Regulations, December 21, 2006
UCOP Legislative Update, August 11, 2005

Draft UC Santa Cruz Information Technology policies, guidelines, and practices
Please forward feedback to itpolicy@ucsc.edu

1-page summary of all drafts listed below
Policies for Acceptable Use of UCSC Electronic Information Resources (Acceptable Use Policy) - updated 5/13/08
UCSC Minimum Network Connectivity Requirements - updated 4/23/08
Roles and Responsibilities for UCSC Electronic Information Resources (PDF) - updated 1/31/08
Expanded Practices for Protecting Electronic Restricted Data - updated 7/14/08