Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
3050 Results
Guideline
Physical Security Guidelines
Stop the most common method of information theft Many information security breaches do not occur through the Internet but because the device containing information is misplaced, lost or stolen.
Guideline
UCSF Implementation of the ECP - Access Without Consent
Access Without Consent to Electronic Communications Records A. Authorization An electronic communication holder's records may be inspected, monitored, or disclosed without the consent of the individual but with the approval of the authorizing Vice Chancellor (see Appendix A, Definitions) under the following conditions:
Guideline
Recommendations for Securing Mobile Devices
What you need to know The following recommendations apply to all mobile devices, including both personally and UCSF-owned mobile devices, used for UCSF business. Mobile devices include, but are not limited to:
Impacted Services: IT Security Outreach and Training
Guideline
Criteria for Premium Support
What you need to know Premium Desktop Support is available for computers and devices that meet the following criteria:
Impacted Services: IT Field Services (ITFS) Desktop Support
Standard
UCSF 650-16 Addendum E - PCI
Purpose UCSF 650-16 Addendum E - PCI outlines the requirements for information, locations, facilities, and devices processing, storing, or transmitting credit card information. Objective To comply with data security requirements defined by Payment Card Industry Data Security Standards 3.1/3.2 (PCI-DSS)
Impacted Services: IT Security Outreach and Training
Guideline
UCSF IT Security Cloud Computing Guidance - Cloud Service Basics
Overview | What is the "cloud"? The "cloud" is a continually evolving concept that broadly references cloud services, or cloud computing. Cloud services can mean collections of any or all of the following: applications, information, infrastructure components and services provided as pools of resources.
Impacted Services: IT Security Outreach and Training
Standard
UCSF 650-16 Addendum G - Third-Party Remote Access Standards
Purpose To establish and set the requirements for a University of California San Francisco enterprise standard for third-party remote access to UCSF networks. Definitions See the University of California - Systemwide IT Policy Glossary for the most up-to-date definitions. Terms that are not in the Systemwide Glossary are defined below.
Standard
UCSF 650-16 Addendum B - UCSF Minimum Security Standards for Electronic Information Resources
Effective Date: December 2007, Updated December 2021 Contents Purpose Overview and Scope Exception from Minimum Security Standards Exception Requests Covering Legacy Systems Compatibility Exemptions Enforcement Minimum Security Standards System Inventory and Protection Level Classification (PLC) Transmission of Restricted Information
Impacted Services: IT Security Outreach and Training
Guideline
Access with Consent
The UC Electronic Communications Policy, Section IV, Privacy and Confidentiality, governs access to electronic communications records. In most circumstances, it is better to obtain the consent from the record holder before accessing records. However, consent is not required in every circumstance (See UCSF Implementation of the ECP - Access without Consent).
Impacted Services: IT Security Outreach and Training
Standard
Unified UCSF Enterprise Password Standard
Standard has been moved to the UCSF IT Security Intranet Site.
Impacted Services: IT Security Outreach and Training