University of California, San Diego
OFFICE OF THE ASSOCIATE VICE CHANCELLOR -
June 20, 2007
ALL FACULTY AND STAFF (including UCSD Medical Center)
Three years ago we announced the first set of UCSD's minimum network security standards. Since then, significant progress has been made to protect the campus information technology infrastructure, but hackers have also stepped up their level of sophistication and are still posing significant threats to our data and networks.
Today we are announcing a new set of enhanced minimum standards that
address security requirements for specific computing activities. For
detailed information please see:
The new standards have minimal impact on most desktop and laptop computers that already meet the current standards. However, the impact of the new standards is much more significant for computing servers and for devices that interact with sensitive or private data.
We encourage you to review the standards immediately and implement them as soon as possible in coordination with your departmental system administrators. However, because the impact of these standards is broad, a somewhat longer implementation period has been created within the standard. Devices which do not meet the appropriate requirements within the timeframes outlined in the standards will be subject to immediate disconnection from the UCSD network. Exceptions to the minimum standards will be approved on a case-by-case basis and will require alternative security actions.
Questions about this policy can be sent to: firstname.lastname@example.org and questions about this announcement should be addressed to Gabriel Lawrence, UCSD Data & Network Security, at email@example.com or (858) 822-3785.