UNC University Information Security Policy links

Updated ITS Email Policy 2011

http://its.unc.edu/ITS/about_its/its_policies/index.htm

media:ITS_campus_email.pdf

The following is taken from an Information Technology Services sponsered email

=============================================================================

With ever-increasing risks to the University's systems and sensitive

data, it is imperative that the security of these systems be

strengthened and protected. Recent findings by the Office of the State

Auditor for North Carolina identified weaknesses in our present approach

to managing IT security. With approximately 30,000 attempted hacks per

day into University computing resources, it is critical that a more

protected information security environment be created. Therefore eight

new University information security policies are being implemented

immediately.

The following policies can be found on the University's policy page at

http://www.unc.edu/campus/policies.html.

Information Security Policy (http://its.unc.edu/n/ccm1_033440)

Password Policy - General User (http://its.unc.edu/n/ccm1_033418)

Password Policy - System and Application Administrators

(http://its.unc.edu/n/ccm1_033419)

Transmission of Protected Health Information and Personal Identifying

Information Policy (http://its.unc.edu/n/ccm1_033439)

Information Security Liaison Policy (http://its.unc.edu/n/ccm1_033420)

Vulnerability Management Policy (http://its.unc.edu/n/ccm1_033421)

Incident Management Policy (http://its.unc.edu/n/ccm1_033423)

Institutional Data Governance Policy (http://its.unc.edu/n/ccm1_033422)

For your convenience, a brief summary of the key policy requirements can

be found at http://help.unc.edu/CCM3_020433. Information includes "What

every Computer User at Carolina must know" as well as "What IT personnel

must know."

In addition, all University staff should be informed and aware of the

basic tenets of information security to provide greater protection at

the individual user level. Security Awareness training is available

online at https://itsapps.unc.edu/ITSSelfStudy/.

These information security policies, in coordination with security

awareness training, will reinforce our existing foundation, further

strengthen the University's position and help to reduce the very real

risks of exposure. If you have any questions or concerns, please

contact the Information Security Office at 445-9393 or security@unc.edu.