This page provides links to the university’s information security policies currently in effect. Many policies have established standards to help you with policy compliance. Visit UFIT’s Standards page to view these documents.
Policy and Standard Lifecycle
Policies
- IT Policy and Standard Life Cycle (December 04, 2019)
Related Standards & Documents
- IT Policy Process Dec 2019 (PDF, 98KB - December 04, 2019)
Acceptable Use
Policies
- Acceptable Use Policy (February 6, 2020)
EIT Accessibility
- Policy (October 20, 2020)
Policies
- Email as Public Records (August 2011)
- Spam Policy (October 23, 2003)
- Electronic Mail (February 6, 2016)
Information Security
Policies
- Mobile Computing and Storage Devices Policy (March 1, 2013)
- Data Classification Policy (April 26, 2012)
- Authentication Management Policy (July 11, 2013)
- Risk Management Policy (February 6, 2020)
- Account Management Policy (January 20, 2016)
- Backup and Recovery (February 20, 2016)
- UF Information Security and Compliance Charter
- Remote Access Policy (December 14, 2016)
- Audit and Logging Policy (March 7, 2017)
- Control of Electronic Media (March 7, 2017)
- Incident Response Policy (February 6, 2020)
- Monitoring of IT Resources Policy (February 6, 2020)
- Physical Security of Information Technology (February 6, 2020)
- Management Procedure for Terminated and Transferred Employees (June 22, 2020)
Related Standards & Documents
- Definition of Terms
- Mobile Computing and Storage Devices Standard
- FAQ – Mobile Computing and Storage Devices Policy
- Authentication Management Standard
- Password Complexity Standard
- Risk Assessment Standard
- System Security Plans Standard
- External IT Vendor Sourcing Standard
- Data Classification Guidelines
- Data Security Standard
- Account Management Standard
- Private IP Standard
- MS SQL Filter Standard (login required)
- DHCP IP Network Number Distribution Standard
- Remote Access Standard
- Auditable Events and Record Content Standard
- Media Sanitization Standard
- Account Management Procedure for Terminated and Transferred Employees
PDF Downloads
- Account Management Standard
- Authentication Management Standard
- Mobile Computing and Storage Devices Standard
- Risk Assessment Standard
- Account Management Procedure for Terminated and Transferred Employees
- Instructions for Running and Scheduling Departmental Terminations and Transfers
Identity and Passwords
Policies
- Identity Management Policies (March 30, 2012)
- Biometric Identification Policy (February 6, 2020)
Related Standards & Documents
- Identity Assurance Profiles Standard (June 24, 2015)
- Identity Management Service Provider Standard (November 5, 2014)
Intellectual Property
Policies
- Copyright (May 12, 1994)
Networking
Policies
- Internet Protocol Address Assignment Policy (May 29, 2013)
- Wireless Network Policy (July 14, 2011)
Related Standards & Documents
- Internet Protocol Address Assignment Standard (May 29, 2013)
Purchasing & E-Commerce
Policies
- E-Commerce Policy (December 6, 2013)
Related Standards & Documents
Web-Related
Policies
- Advertising on University Webspace (October 23, 2012)
- Domain Name Policy (October 23, 2012)
- Internet Privacy Policy (April 11, 2011)
- Recognizing Corporate Supporters on the Web (October 23, 2012)
- Web Administration Policies and Standards (January 12, 2011)
- Web Identity and Graphics Standards (June 3, 2011)
Related Standards & Documents
- UF Guidelines to Develop Applications for Secure Deployment
- Recognizing Supporters on the University and Unit Web Space Standard