Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
144 Results
Standard
UCSF 650-16 Addendum C - UCSF Incident Investigation
I. Purpose This document outlines the requirements for information security incident investigations at the University of California, San Francisco (UCSF). Effective incident response is essential in mitigating damage and loss due to an information security incident. Proper handling minimizes the disruption to workflow and ensures compliance to federal, state, and University laws, rules, regulations, and policies. This document satisfies the requirement in BFB IS-3 Information Security for Incident Response Procedures.
Impacted Services: Security Incident Response & Investigation
Guideline
UCSF Incident Investigation Procedures
Effective Date: October 1, 2006 1. Purpose This document provides an overview of computer incident response and investigations procedures at the University of California, San Francisco (UCSF), as mandated in UCSF Policy 650-16 Addendum C: Incident Investigation.
Impacted Services: Security Incident Response & Investigation
Standard
UCSF Plan for Combating Unauthorized Distribution of Copyrighted Materials
Compliance with the peer-to-peer (P2P) provisions of the Higher Education Opportunity Act (HEOA) I. Introduction II. Technology-based deterrents A. Traffic monitoring B. DMCA notice response
Impacted Services: IT Security Outreach and Training
Guideline
Best Practices for Application and Website Security
Overview By following application and website security best practices, application owners can take proactive steps to eliminate or significantly reduce vulnerabilities in software before deployment. These vulnerabilities potentially provide attackers with the ability to take control of a server or computer, which can result in the compromise of UCSF data and personal data, denial of service, loss of service or damage to a system used by thousands of users. By reducing the numbers of vulnerabilities, UCSF data and personal data is better protected.
Impacted Services: IT Security Outreach and Training
Guideline
Physical Security Guidelines
Stop the most common method of information theft Many information security breaches do not occur through the Internet but because the device containing information is misplaced, lost or stolen.
Guideline
UCSF Implementation of the ECP - Access Without Consent
Access Without Consent to Electronic Communications Records A. Authorization An electronic communication holder's records may be inspected, monitored, or disclosed without the consent of the individual but with the approval of the authorizing Vice Chancellor (see Appendix A, Definitions) under the following conditions:
Guideline
IT Field Services - Service Level Agreement
Impacted Services: IT Field Services (ITFS) Desktop Support
Guideline
Recommendations for Securing Mobile Devices
What you need to know The following recommendations apply to all mobile devices, including both personally and UCSF-owned mobile devices, used for UCSF business. Mobile devices include, but are not limited to:
Impacted Services: IT Security Outreach and Training
Guideline
Criteria for Premium Support
What you need to know Premium Desktop Support is available for computers and devices that meet the following criteria:
Impacted Services: IT Field Services (ITFS) Desktop Support
Standard
UCSF 650-16 Addendum E - PCI
Purpose UCSF 650-16 Addendum E - PCI outlines the requirements for information, locations, facilities, and devices processing, storing, or transmitting credit card information. Objective To comply with data security requirements defined by Payment Card Industry Data Security Standards 3.1/3.2 (PCI-DSS)
Impacted Services: IT Security Outreach and Training