Skip to Main Content
Information Technology Services
oneColumn

UNF IT Security Standards Policy

The purpose of this Policy is to:

  1. Establish standards regarding the use and safeguarding of UNF Information Resources;
  2. Protect the privacy of individuals by preserving the confidentiality of Personally Identifiable Information entrusted to UNF;
  3. Ensure compliance with applicable Policies, State and Federal laws and regulations regarding management of risks to and the security of Information Resources;
  4. Appropriately reduce the collection, use, or disclosure of social security numbers contained in any medium, including paper records;
  5. Establish accountability;
  6. Educate individuals regarding their responsibilities associated with use and management of UNF Information Resources;
  7. Serve as the foundation for UNF's Information Security Program, providing the authority to implement Policies, Standards, and Procedures necessary to implement an effective Information Security Program in compliance with this Policy.

Policy Statement

Information Resources residing at UNF are strategic and vital assets. Access to these resources shall be appropriately managed. It is the policy of UNF:

  • To protect Information Resources based on risk against accidental or unauthorized access, disclosure, modification, or destruction and assure the availability, confidentiality, and integrity of these resources;
  • Apply appropriate physical and technical safeguards without creating unjustified obstacles to conducting business and achieving the missions of the University; and
  • Comply with applicable state and federal laws and SUS rules governing information resources.

Applicability

This Policy applies to:

  1. All institutions and organizational units within UNF;
  2. All Information Resources owned, leased, operated, or under the custodial care of any UNF organization or entity;
  3. All Information Resources owned, leased, operated, or under the custodial care of third-parties operated on behalf of any UNF organization or facility;
  4. All individuals accessing, using, holding, or managing University Information Resources.

Compliance with State Law

Information that is collected pursuant or related to the UNF Information Security Program is protected by Florida State Statute §119.071 and is therefore confidential by law. Accordingly, any University organization may not withhold information or fail to include information required by this Policy and/or Security Standards to be provided to or included in the UNF Information Security Program or for administration of program oversight.

Information Security Standards

All UNF organizations shall implement and abide by the following Standards:

Definitions

IT Security Standards Definitions

Supplemental UNF policies, standards, guidelines, procedures, and forms

General Hardening Standards

See ITS Policies and Standards for more information.

Who should know

All individuals accessing, managing, or possessing UNF Information Resources including staff, faculty, and students, as well as Vendors and contractors providing services on behalf of UNF and other third-party contractors.

Questions or comments

Questions or comments about this policy should be directed to: itsecurity@unf.edu