IT Security Standards
UA Board of Regents Policy 02.07, the UA Information Security Program, and this body of IT Security Standards apply to the UA System and all users of UA computing resources. These standards are reviewed and approved by the CIO Management Team (CMT), a system-wide governance group consisting of each university CIO, the UA CITO, and the UA CISO.
| RECENT UPDATES | COMING SOON |
|
GENERAL IT STANDARDS
- Acceptable Use of Online Resources policy
- Administrative Guidelines: Use of Email (.pdf)
- Downloading Copyrighted Materials FAQs
- UA Cloud Computing Guidelines
- UA Guidelines for the Use of Social Media Final
- User Extensions Policy
DATA AND ADMIN STANDARDS
- Accounting and Administrative Manual Section 100: Accounting and Finance Administrative Policy for Payment Card Industry (PCI) (.pdf)
- Bulk Document Shredding
- Data Classification
- Retention and Disposition Schedules
- University of Alaska Board of Regents Policy and Regulation, including Ch 02.07 Information Resources and Ch 05.08 Business Practices (such as printing standards and records retention)
SECURITY STANDARDS
- Configuring SSL Securely
- Encryption Options
- ID Theft Program
- Information Security Controls and Exceptions Standard NEW
- InfoSec Breach and Handling Procedure
- Information Resource Data and System Classification Standard
- Information Security Definitions & Terminology
- Minimum Security Standard for Desktop Systems
- Mobile Device Security
- Password and Authentication Standard NEW
- Remote Access Security Requirements
- Standards for System Logging
- UA System Security Guidelines
- Vulnerability and Patch Management Standard NEW
PRIVACY POLICIES