IT Security Standards

萝莉社视 Board of Regents Policy 02.07, the 萝莉社视 Information Security Program, and this body of IT Security Standards apply to the 萝莉社视 System and all users of 萝莉社视 computing resources. These standards are reviewed and approved by the CIO Management Team (CMT), a system-wide governance group consisting of each university CIO, the 萝莉社视 CITO, and the 萝莉社视 CISO.

RECENT UPDATES	COMING SOON
Acceptable Use of Information Resources UPDATED Generative AI Security Standard see also: GenAI at 萝莉社视 Password and Authentication Standard Information Security Controls and Exceptions Standard Vulnerability and Patch Management Standard	Minimum Security Standards for Endpoints

GENERAL IT STANDARDS

Acceptable Use of Online Resources UPDATED
Administrative Guidelines: Use of Email (.pdf)
Downloading Copyrighted Materials FAQs
萝莉社视 Cloud Computing Guidelines
萝莉社视 Guidelines for the Use of Social Media Final
User Extensions Policy

DATA AND ADMIN STANDARDS

Bulk Document Shredding
Data Classification
Retention and Disposition Schedules

SECURITY STANDARDS

Configuring SSL Securely
Encryption Options
Generative AI Security Standard NEW
ID Theft Program
Information Security Controls and Exceptions Standard NEW
InfoSec Breach and Handling Procedure
Information Resource Data and System Classification Standard
Information Security Definitions & Terminology
Minimum Security Standard for Desktop Systems
Mobile Device Security
Password and Authentication Standard NEW
Remote Access Security Requirements
Standards for System Logging
萝莉社视 System Security Guidelines
Vulnerability and Patch Management Standard NEW

PRIVACY POLICIES

BoR & University Policy on FERPA (.pdf)
University of Alaska HIPAA Privacy Policies and Procedures (.pdf)