 |
|
| |
This |
Replaces |
| File: |
270.3 |
270.3 |
| Date: |
10/01/96 |
08/28/95 |
ORIGINATOR: Chief Information Officer
SUBJECT: Computer Security
The Associate Vice President and Chief Information Officer is responsible for
ensuring the security of information maintained on computer systems in accordance
with State Agency guidelines. All information maintained on UMUC computers is
considered the property of UMUC. Access to UMUC computer systems is restricted
to authorized users only. Access to administrative applications is determined
by the owners of the institutional data, as follows:
| Financial Systems: |
Assistant Vice President for Finance |
| Personnel and Payroll: |
Director, Personnel Services |
| Student Information System: |
Associate Vice President for Student Services |
| Student Accounts Receivable: |
Assistant Vice President for Finance |
| Financial Aid System: |
Associate Vice President for Student Services |
| Faculty/Course Information System: |
Dean, Undergraduate Programs Dean, Graduate School of Management and Technology |
| Marketing Information System: |
Director, Information Services |
Authorized users of computing facilities are responsible for:
- Maintaining the security of their passwords;
- Ensuring that floppy diskettes or other removable media containing sensitive
or critical data are put into locking storage when not in use or maintained
in areas that are locked when not in use;
- Backing up critical data maintained on their microcomputers' hard disks;
- Ensuring that only authorized software is loaded onto any UMUC computer
system. Authorized PC software packages are those developed, approved, or
installed by the Office of Information Technology, or those obtained from
reputable vendors who guarantee their products. The use of unauthorized PC
software and programs (software obtained from unauthorized computer bulletin
boards, friends, other employees, etc.) is strictly forbidden;
- Protecting UMUC computers from viruses by using authorized virus protection
software and scanning disks;
- Ensuring that software installed on UMUC computers is not copied illegally;
- Documenting sensitive or critical PC applications developed for departmental
use and used to perform UMUC business;
- Maintaining the confidentiality of all records as required by applicable
University policy, federal, state and local law.
- Any workstation (terminal, personal computer, etc.) that is left unattended
for longer than fifteen minutes is to be protected from unauthorized access
by either:
a) using a screen saver with password protection to prevent access, or
b) logging off from all computer systems. When using a password-protected
screen saver, this password is to known only to the individual who is responsible
for that workstation.
|
