Download Network Security Policy

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Network science wikipedia , lookup

Computer security wikipedia , lookup

Transcript 
Colorado
CIO Campus-wide Policy
University of Colorado at Boulder
May 2003
Effective:
CIO
Responsible Office:
Network Security Policy
Policy Title:
Approved
IT Council
Purpose: Outlines expectations regarding network traffic, servers, and management.
A. Rationale and Scope of Policy:
The University of Colorado at Boulder (CU-Boulder) provides network services to a large number and
variety of users – faculty, staff, students, and external constituencies. Security compromises for any
campus-networked system can have a detrimental impact to other networked systems. Information
Technology Services (ITS) is the primary information-technology provider on the CU-Boulder campus,
with services for telephony, video, computing, and networking. ITS has campus-wide responsibility to
maintain the integrity and security of networking systems and to provide the wiring and cabling
infrastructures that support voice, data and video services.
This policy encompasses all systems directly connected to ITS-maintained networks or systems on
networks that receive network service from the Boulder campus backbone. This includes campus
Internet connections, 10BaseT or 100BaseT “b-jack” connections, DSL subscriber lines and “Alliance
Networks”.
B. Policy:
1. Network Traffic
ITS will control access to all intra-campus traffic, all inbound and outbound Internet traffic, and DSL
service. The ITS Executive Director or his/her designee will determine what Internet traffic will be
permitted. IT Council will have a consultative role to ensure that the traffic limitations are consistent
with both the business and academic goals of CU-Boulder.
2. Network Servers
All Network Servers must have registered IP Addresses in order to insure that any additions or changes
to the Network Servers will not have adverse effects on the existing resources. IP Address registration is
available on the ITS web site www.colorado.edu/its/networking.
3. Network Management
The IT Security Office, or its designee, is authorized to perform a security audit of any CU-Boulder
network devices at any time.
The IT Security Office is the primary administrative contact for all network security related activities.
All networked systems will comply with the Minimum Security Standards policy.
The IT Security Office will publish security alerts, vulnerability notices and patches, and other pertinent
information in an effort to prevent security breaches.
ITS will coordinate investigations into any alleged computer or network security compromises,
incidents, and/or problems. To ensure that this coordination is effective, ITS requests that security
compromises be reported to ITS (e-mail: [email protected]).
ITS will monitor backbone network traffic in real-time as necessary and appropriate, to detect
unauthorized activity or intrusion attempts. All monitoring will be carried out in compliance with the
“Use of CU-Boulder’s Computing and Network Resources” policy.
If scans or network monitoring identify security vulnerabilities, the cooperation of the system owners
and system managers for the systems and the networks will be solicited. If the appropriate contact
cannot be determined, the department’s management will be notified. When a security problem (or
potential security problem) is identified ITS will take steps to disable network access to those systems
and/or devices until the problems have been rectified. ITS will disable network access at the closest
network port to which ITS has administrative control.
C. Responsible Organization
The CIO Office will be responsible for the maintenance and review of this policy.
Related documents
Colorado business leaders remain positive for 2014 Jan. 2, 2014 Richard Wobbekind
Colorado business leaders remain positive for 2014 Jan. 2, 2014 Richard Wobbekind
Colorado business confidence holds steady heading into second quarter of
Colorado business confidence holds steady heading into second quarter of
Analysis Jan 2013
Analysis Jan 2013
Colorado business leaders bullish on Colorado economy July 1, 2013 Richard Wobbekind
Colorado business leaders bullish on Colorado economy July 1, 2013 Richard Wobbekind
flyer
flyer
Southeastern Michigan State Employees Federal Credit Union
Southeastern Michigan State Employees Federal Credit Union
Global Underground Corp is looking for hard working and dedicated
Global Underground Corp is looking for hard working and dedicated
Colorado to see continued moderate growth in 2012, forecasts CU... July 5, 2012 Richard Wobbekind
Colorado to see continued moderate growth in 2012, forecasts CU... July 5, 2012 Richard Wobbekind
Norway
Norway
Colorado Plateau Native Plant Materials Program FY 2010 Accomplishments
Colorado Plateau Native Plant Materials Program FY 2010 Accomplishments
K-12 STEM teacher programs take root at CU
K-12 STEM teacher programs take root at CU
Introduction
Introduction