Data Security
Technology Policies
Individual departments are allowed to create and maintain their own policies as they don't overstep boundaries put in place by these policies.
IT Security
0-501: Using and Protecting Microcomputing Resources
This policy defines the basic set of procedures that colleges and departments shall establish and maintain for the management, use, and protection of their microcomputing resources. It establishes guidelines for the administration of computing resources, control of access to data, software installation and maintenance, business resumption, and personnel training.
0-502: Appropriate Use of Information Technology Resources
Policy outlining acceptable use of the University computing resources. This is a general policy that specifies and gives examples of what is considered misuse of resources and the actions that can be taken in case of misuse.
0-515: Protection of Electronic Personal Information
Identity theft is a growing problem throughout the world and USF must take appropriate steps to limit and protect personal identity information which it collects in its systems. In support of its mission of teaching, research, and public service, USF has connections to the internet and thereby its systems are exposed to threats from the global community. USF must take all actions possible to protect the identity information that it maintains in its systems. Personal identity information must be protected from proliferation to systems and media that are not properly secured.
0-516: USFID-SSN Appropriate Use Policy
The threat of identity theft has been growing at an unprecedented rate and the University of South Florida commits to provide enhanced security for its students, staff and faculty. Accordingly, the University will no longer use nor permit the use of a Social Security Number (SSN) as the primary identifier for a person in any University information system unless required by law or explicitly approved by the IT Management Council.
IT Operations
0-506: Telecommunications Resources Management
Information Technology handles all network/telecom infrastructure for the entire university.
0-509: Call Accountability
Deans, directors, and department heads are responsible for the maintenance and audit of long distance toll calls. Unauthorized calls must be investigated when the cost is greater than $5.00.
0-517: USFCard and ID Badge Policy
The USFCard is used for identification, verification of University of South Florida status, use of University of South Florida services such as the library services, door access, purchase of parking decals, obtaining passes for University of South Florida sporting and theatrical events, and other related events and services. Certain units within the University of South Florida may require employees to carry an ID badge as an alternate form of identification. This ID badge is used for unit identification for verification of unit status. The ID badge does not replace the USFCard as primary form of identification and shall not be used to grant access to any University of South Florida Service.
0-518: Technology Acquisition Policy
Policy created to standardize technology related items purchased for the University.
0-520: Mass Electronic Communication Policy
The purpose of this policy is to articulate the University of South Florida’sposition involving the use of mass communications using e-mail (sometimes called “bulk e-mail”), SMS (Short Message Service), MMS (Multimedia Message Service), Instant Messaging, and other electronic means to distribute official messages to members of the University of South Florida community.
IT Governance
0-507: Data Management
Information is an integral part of the business and academic functions of University of South Florida; consequently, data is an important institutional resource. In order to make appropriate decisions, Institutional Data must meet basic standards. It also must be accurate and verifiable. The value of the data maintained by the University of South Florida increases through its widespread and consistent use, and it diminishes through misuse, misinterpretation, or unnecessary restrictions on its access.
0-508: University Information Security Structure
It is the policy of the University of South Florida that all information utilized in the course of business, research, and education is considered an asset, and as such, administration, faculty, staff, and students are responsible and accountable for its viability and protection. It is a management responsibility to maintain information security and integrity through administration of appropriate legal, audible controls to protect University information from unauthorized, intentional or accidental disclosure, modification, destruction, denial, or misappropriation.
0-512: Information Technology Governance Structure
This policy specifies charges for several committees, including the Information Technology Management Council, CIO Council and University Technology Standards Board, and advisory groups Cyber-Infrastructure Council, USF Classroom Technology Committee, Identity and Access Management Program Functional Committee, Information Security Workgroup, Council on Technologies for Instruction and Research, Student Technology Advisory Council, Research Computing Advisory Committee, Course Management Advisory Group, Student Information Systems Advisory Board, GEMS/FAST Advisory Group