Unit: Vice President and Chief Information Officer

It is expected that most students will meet this requirement by owning or leasing a computer appropriate to their degree program. The cost of this requirement may be included in financial aid considerations,

1. Purpose Authentication mechanisms such as passwords are the primary means of protecting access to computer systems and data. It is essential that these authenticators be strongly constructed and used in a manner that prevents their compromise. 2. Applicability This policy applies to all passwords and other authentication methods used at the University. 3. Definitions […]

1. Purpose As part of its educational mission, the University of Florida acquires, develops, and maintains computers, computer systems, and networks. These Information Technology (IT) resources are intended for university-related purposes, including direct and indirect support of the university’s instruction, research, and service missions; university administrative functions; student and campus life activities; and the free […]

Advertising consists of techniques and practices used to bring products, services, opinions, or causes to public notice for the purpose of persuading the public to respond in a certain way toward what is advertised. Advertising differs from the recognition of university supporters in that it may contain promotional or other information about a person or […]

1. Purpose To provide a comprehensive account management process that allows only authorized individuals access to University Data and Information Systems. 2. Applicability This policy applies to all Information Systems, University Data, identities and accounts used to access them and University Data. 3. Definitions Information System: An individual or collection of computing and networking equipment and […]

POLICY STATEMENT The purpose of this policy is to protect University Data from loss or destruction by specifying reliable backups that are based upon the availability needs of each unit and its data. APPLICABILITY This policy applies to all University of Florida Data and the Information Systems used with it. DEFINITIONS Information System: An individual or […]

1. Purpose To provide accurate and comprehensive audit logs in order to detect and react to inappropriate access to, or use of, information systems or data. 2. Applicability This policy applies to all Information Systems that store, process or transmit University Data. 3. Definitions Information System means an individual or collection of computing and networking […]

Restricted Data: Data in any format collected, developed, maintained or managed by or on behalf of the University, or within the scope of University activities, that are subject to specific protections under federal or state law or regulations or under applicable contracts. Examples include, but are not limited to medical records, social security numbers, credit card […]

Evidence of legal acquisition (purchase, lease, gift) for all software in use or possession must be kept. Unit records should be sufficient to identify and retrieve evidence of legal acquisition for capitalized software rapidly. Records for uncapitalized software should be held in the unit, be readily retrievable, and should include statements of all licenses in […]

1. Purpose The Domain Name System (DNS) is an Internet-wide distributed database of names translating Internet Protocol (IP) addresses into easily memorable names. Domain names are part of the identity of the university and communicate the university’s image and reputation to the public. Consistent domain usage may also be a tool for users to better […]

Click here to view the Incident Response Procedures.

A Security Role Verification Report is sent to the DSA of departments to which an employee transfers from within the university. The DSA is responsible for reviewing and updating enterprise security roles for transferred employees. Enterprise security roles that are no longer needed for the new position should be removed within three business days of […]

1. Purpose To ensure secure, reliable, and accountable use of mobile computing and storage devices with University of Florida Restricted Data. This policy establishes unified management, and formally assigns roles and responsibilities for these devices. 2. Applicability This policy applies to all mobile computing and storage devices used by the University of Florida constituency in the performance of their […]

1. Purpose The purpose of this policy is to define how the University of Florida controls Remote Access to university information systems and networks in order to prevent unauthorized use. 2. Applicability This policy applies to all methods the university implements to allow remote access to its services, information systems and networks 3. Definitions Information System means an […]

Organizations who are contemplating deploying WLANs must contact UFIT or HealthNet Infrastructure, as applicable, to assist in the configuration and deployment of their local wireless system and to incorporate it into the campus wide system. Per the University of Florida Acceptable Use Policy, individuals shall not implement their own network infrastructure. This includes, but is […]

All credit card usage at the University of Florida must be approved by Treasury Management (TM). New credit card merchant applications must be signed by a Manager, Dean or Department Head and approved by Treasury Management. Departments must have acceptable infrastructure and resources in place, such as: 2) Credit Card Information Storage It is permitted […]