Clemson IT policies and procedures updated
Ryan Real,
Communications & Marketing
July 18, 2022
CCIT and Clemson leadership regularly revisits its computing policies and procedures to ensure they meet usage, compliance and technological standards. After thorough review, several policies have been updated in 2022. CCIT will continue to update and create more policies as needed.
New policies and procedures
- Acceptable Use of IT Resources Policy (NEW)
- replaces Use of IT Resources for Employees and Students policies
- Account and Password Management Policy (NEW)
- replaces Usernames and Password Policy
- replaces Usernames and Password Policy
- Incident Reporting Procedures (NEW)
- Information Security Policy (NEW)
- Glossary of Terms added
Key points from the new Acceptable Use Policy
- 2.1 All data pertaining to student records, administration, research projects, federal or state Information, and other data owned or processed by the University shall follow the University’s Data Classification Standards, and must be appropriately safeguarded in accordance with the University’s Minimum IT Security Standards.
- 4.2 All information systems (includes items such as computers, servers, mobile devices, personally owned devices and others) must be configured and maintained in accordance with the published Minimum IT Security Standards. Users are advised to review security standards on a regular basis and reach out to CCIT or local IT support for assistance.
- 6.1 Personally owned computers and mobile devices used for University business are subject to this policy and must comply with the Minimum IT Security Standards.
- 6.2 Access to confidential or restricted data through a personally owned computer or mobile device requires coordination with the Office of Information Security to ensure appropriate safeguards are utilized.
- 6.3 Confidential or restricted data must not be saved to personally owned computers or mobile devices.
Minimum IT Security Standards
- All employee endpoints are now required to follow University standards for configuration management, system patching and local encryption through your area’s IT consultant.
Key points from the Accounts and Passwords Policy
- Visitor and miscellaneous accounts that will have access to confidential or restricted data require approval from the Office of Information Security. If you are unclear about your account privileges, please contact the CCIT Support Center.
- Each information system owner must annually review all user accounts with access to that system, storage or service. Information systems include hardware and software that collect, store and process data, such as PeopleSoft, departmental drives, Box storage, and others.
- Access permissions for IT resources must be given using the principle of least privilege, which is the minimum access required based on a user’s assigned roles and responsibilities.
- No user is permitted access to confidential and restricted information without approval of the applicable Data Trustee or Data Steward.
- A password change is required if a user account has been compromised or is suspected of being compromised.
Notices
Check the status of university systems on Status Hub
Security upgrades to impact email spam retrieval beginning July 12, 2023
Campus network and TikTok — July 10, 2023
Kronos to require log-in through Duo mobile application on July 21, 2023
PeopleSoft and Banner Outage on June 11, 2023
Upcoming changes to Google Workspace
Temporary restrictions to iROAR access – Nov. 30, 2022
Welcome Back: Important IT Updates for Faculty and Staff
Welcome Back: Important IT Updates for Students
Eduroam Update – July 15, 2022
New Student Laptop Models Available for 2023-2024