This page provides links to the university’s information security policies currently in effect. Many policies have established standards to help you with policy compliance. Visit UFIT’s Standards page to view these documents.
Policy and Standard Lifecycle
Policies
- IT Policy and Standard Life Cycle (December 13, 2011)
Related Standards & Documents
- IT Policy Process (PDF, 98KB - October 10, 2011)
Acceptable Use
Policies
- Summary – Acceptable Use Policy (August 17, 2011)
- Acceptable Use Policy (August 17, 2011)
- Florida Computer Crimes Act (August 2011)
Related Standards & Documents
- Procedure for Monitoring of IT Resources (August 24, 2011)
Accessibility
Resources
Policies
- Email as Public Records (August 2011)
- Spam Policy (October 23, 2003)
- Policies for the Use of Gatorlink (March 10, 1999)
- Electronic Mail (February 6, 2016)
Information Security
Policies
- Guidelines for Information Security (April 30, 2010)
- Mobile Computing and Storage Devices Policy (March 1, 2013)
- Data Classification Policy (April 26, 2012)
- Authentication Management Policy (July 11, 2013)
- Risk Management Policy (September 15, 2015)
- Account Management Policy (January 20, 2016)
- Backup and Recovery (February 20, 2016)
- UF Information Security and Compliance Charter
- Remote Access Policy (December 14, 2016)
- Audit and Logging Policy (March 7, 2017)
- Control of Electronic Media (March 7, 2017)
Related Standards & Documents
- Definition of Terms
- Mobile Computing and Storage Devices Standard
- FAQ – Mobile Computing and Storage Devices Policy
- Authentication Management Standard
- Password Complexity Standard
- Risk Assessment Standard
- System Security Plans Standard
- External IT Vendor Sourcing Standard
- Data Classification Guidelines
- Data Security Standard
- Account Management Standard
- Network and Host Security
- Physical Security
- Continuance of Operations
- Private IP Standard
- SMB Filter Standard (login required)
- Dialup/WIPA SMB Filter Standard (login required)
- MS SQL Filter Standard (login required)
- DHCP IP Network Number Distribution Standard
- Incident Response Standard
- Training and Awareness Standard
- Remote Access Standard
- Auditable Events and Record Content Standard
- Media Sanitization Standard
PDF Downloads
- Account Management Policy
- Authentication Management Policy
- Risk Management Policy
- Account Management Standard
- Authentication Management Standard
- Password Complexity Standard
- Mobile Computing and Storage Devices Standard
- Risk Assessment Standard
- System Security Standard
- External IT Vendor Sourcing Standard
- Restricted Data Standard
- Use Limitations for Payment Card Information
- Use Limitations for Personally Identifiable Information
- Use Limitations for Private Educational Records
- Health Information Classification Standard
- Reuse and Disposal Standards for IT Workers
- Risk Assessment Standard
Identity and Passwords
Policies
- Identity Management Policies (March 30, 2012)
Related Standards & Documents
- Identity Assurance Profiles Standard (June 24, 2015)
- Identity Management Service Provider Standard (November 5, 2014)
Intellectual Property
Policies
- Copyright (May 12, 1994)
Networking
Policies
- Internet Protocol Address Assignment Policy (May 29, 2013)
- Wireless Network Policy (July 14, 2011)
Related Standards & Documents
- Internet Protocol Address Assignment Standard (May 29, 2013)
Purchasing & E-Commerce
Policies
- E-Commerce Policy (December 6, 2013)
- Information Resource Review Policy (IRR) (February 25, 2004)
Related Standards & Documents
Web-Related
Policies
- Advertising on University Webspace (October 23, 2012)
- Domain Name Policy (October 23, 2012)
- Internet Privacy Policy (April 11, 2011)
- Recognizing Corporate Supporters on the Web (October 23, 2012)
- Web Administration Policies and Standards (January 12, 2011)
- Web Identity and Graphics Standards (June 3, 2011)
Related Standards & Documents
- UF Guidelines to Develop Applications for Secure Deployment
- Recognizing Supporters on the University and Unit Web Space Standard