You need to have JavaScript enabled to get the most of our website
The Milonic DHTML Web Menu will only work on JavaScript enabled browsers.
Connecticut State University Sytem
Text only
 

 

 

 

 

 

RESOLUTION


CONCERNING
THE CONNECTICUT STATE UNIVERSITY SYSTEM
INFORMATION TECHNOLOGY SECURITY POLICY

January 27, 2006


WHEREAS,   The Board of Trustees for the Connecticut State University System recognizes that unauthorized disclosure of certain personal information is prohibited by various state and federal statutes, and

WHEREAS,   The Board wishes to ensure that the security and integrity of tangible and non-tangible technology and information resources – including but not limited to hardware, software, communications equipment, peripheral devices, data and information assets – are protected and safeguarded, and

WHEREAS,   It is desirable that information technology services should be available to the members of the university community with as little interruption as is practicable, and

WHEREAS,   Best practice requires that procedures should be established to provide coherent, consistent rules for access to information resources, and to provide coherent, consistent, orderly methods for conducting business using information technology, and

WHEREAS,   Knowledge of such procedures should be disseminated in an easily accessible form to all personnel who use CSU's information resources, therefore be it

RESOLVED,   That all employees, students, contractors and others who utilize the electronic and non-electronic resources of the Connecticut State University System shall adhere to federal, state and other applicable laws, rules, and regulations which provide for the protection of the security and integrity of information contained in CSU information files, and be it

RESOLVED,   That all employees, students, contractors and others who utilize the electronic and non-electronic resources of the Connecticut State University System shall adhere to the provisions of applicable contracts and licenses, and be it

RESOLVED,   That the Chancellor is authorized to establish an implementation plan to provide for the development and promulgation of standards, procedures and guidelines that provide rules for access to information resources and rules for conducting business using information technology, and be it

RESOLVED,   That security procedures – including managerial, operational and technical controls – shall be consistent with national standards, and be it

RESOLVED,   That privacy procedures and guidelines protecting information shall be consistent with state and federal laws, including but not limited to FERPA and GLBA, and be it

RESOLVED,   That such procedures and guidelines shall include but not be limited to matters related to computer crimes, libel, privacy, copyright, and trademark, and be it

RESOLVED,   That the procedures and guidelines shall be reviewed and updated on a regular basis, but no less than once a year, and be it

RESOLVED,   That all employees, students, contractors and others who utilize the electronic and non-electronic resources of the Connecticut State University System shall adhere to the standards, procedures and guidelines developed as provided in the implementation plan established by the Chancellor, and prior to that time, shall adhere to the initial set of procedures and guidelines contained in the attached document, "General Guidelines to Improving Information Security Practices within the CSU System."

A Certified True Copy:

Lawrence D. McHugh
Chairman

Email Webmaster | Copyrights & Disclaimers | Site Map | Search | Archive | Directions | CT.gov