Information Security Policy
The Information Security Policy is a directive from the university leadership to adhere to the university-published information security standards and controls. The standards themselves are managed and approved by the respective university Chief Information Officers.
The same policy covers both the Urbana and Springfield Campuses; the text of the policy can be found here:
- Urbana: https://cam.illinois.edu/policies/fo-36/
- Springfield: https://www.uis.edu/informationtechnologyservices/security-4/information-security-policy/
This policy applies to everyone who accesses Data or University networks or who stores Data through the use of University credentials or under the authority of and pursuant to University contracts (“University Community Members”).
This policy also applies to such access and storage by University Community Members whether the Data is accessed, stored or otherwise resides on University owned or controlled devices, personally owned or controlled devices, or devices owned or controlled by a third party under contract with the University.
Appropriate/Acceptable Use Policy (AUP)
The Urbana policy for Appropriate Use of Computers and Network Systems
The Urbana AUP specifically names the Urbana Office of the Chief Information Officer (CIO) as responsible for determining when university systems, networks, and other resources are being used in a non-compliant or insecure manner, and the university authorizes that office to remove network access and where appropriate, to notify campus or legal authorities. This authority, in practice, is delegated by the CIO to the Chief Privacy and Information Security Officer.
The Springfield policy for Acceptable Use of Information Technology Resources
The Springfield AUP specifies that violations of the policy are subject to the suspension of user privileges or other disciplinary action.
- Appropriate Use of Computers and Networks Systems
- University Of Illinois System Acceptable Use of Computing and Networking Resources Policy
- University of Illinois System HIPAA Privacy and Security Directive
- University of Illinois System PCI DSS Policies
- University of Illinois System Family Educational Rights and Privacy Act (FERPA) and Compliance
- University of Illinois System Comply with the Red Flags Rule
- University of Illinois System Web Privacy Notice