IT Policy

Campus Guidelines for Kiosk Workstations

Dedra Chamberlin, IST–Infrastructure Services — Tue, 27 Oct 2009 00:00:00 -0700

The Campus Guidelines for Kiosk Workstations are a limited set of basic guidelines departments should follow if they provide workstations that are available for use by the general public. The guidelines focus primarily on configuring kiosk machines to minimize the chance that users will inadvertently leave themselves logged in when they leave a public workstation, and educating kiosk users so that they don't inadvertently leave themselves logged in to a public workstation.

Annual credit-card compliance process

Kate Riley, IST–Infrastructure Services — Thu, 05 Mar 2009 00:00:00 -0800

In order to conduct credit-card transactions, merchants must meet the security standards set by the Payment Card Industry (PCI) Security Standards Council. Every year, the UC Berkeley Controller's office must submit an attestation confirming that campus merchants have implemented their credit-card acceptance solutions in a manner that adheres to the Payment Card Industry Data Security Standard (PCI DSS) Requirements and Security Assessment Procedures. This article explains how the certification process works.

Minimum Security Standards for Electronic Information

Ryan Means, Berkeley Law — Thu, 18 Sep 2008 00:00:00 -0700

The Campus Information Security and Privacy Committee (CISPC) has created a new policy on Minimum Security Standards for Electronic Information (MSSEI) for UC Berkeley. The policy describes detailed protective measures which are required for a specified minimum set of types of highly confidential electronic information. Penalties may be incurred for failure to comply with the MSSEI.

Extending CalMail access for students on approved leave

Walter Wong, Office of the Registrar — Wed, 03 Sep 2008 00:00:00 -0700

Under the provisions of a new policy developed by the Office of the Registrar, the Graduate Division, and CalNet, students who withdraw or cancel their registration at Berkeley to conduct approved research or to attend an institution abroad through a program other than UC's Education Abroad Program are eligible for extended CalMail access.

Upcoming changes to cell phone policy

Tanya Leigh Jansen IST–TAM — Thu, 07 Feb 2008 00:00:00 -0800

Changes to the University's cell phone policy have been proposed based on recent clarification of IRS regulations. Under the revised policy, the University would provide a taxable cash allowance to employees who need cell phones to conduct official University business.

UC Information Systems Security Policy updates

Karen Eft, OCIO—Security, Policy, and Privacy — Thu, 15 Nov 2007 00:00:00 -0800

The University of California recently issued several new and revised information systems security standards pertaining to IT activities in support of the University's mission of education, research, and public service. UC has also released a guide that identifies a range of strategies for achieving a more secure electronic environment in which to conduct the University's academic, business, and other operations.

Privileged access has its responsibilities

Karen Eft, OCIO–SPP — Fri, 05 Oct 2007 00:00:00 -0700

In today's "e-everything" academic environment, protecting the security and privacy of electronic information has become a basic tenet. This article describes how technical support staff who have "privileged access" to information stored and processed on the campus computers and systems can abide by this tenet.

Proposed systemwide Policy on Accessibility in the Electronic Environment

Chris Ashley, OCIO–SPP — Fri, 05 Oct 2007 00:00:00 -0700

The University of California has recently proposed a systemwide Policy on Accessibility in the Electronic Environment to formally acknowledge UC's commitment to accessibility for all students, faculty, staff, and members of the public. This new policy requires implementation of technical standards for website accessibility, and provides recommendations for resources and tools that are useful for making web content accessible. The draft policy is open to review; comments are due by October 26, 2007.