CSC Information Technology Policies

Incident Response Policy

The purpose of this policy is to clearly define roles and responsibilities for the reporting, investigation and response of computer security incidents and data breaches.

Computer Use Policy

The purpose of this policy is to educate users about their responsibilities regarding acceptable use of University computers/networks.  We also describe and prohibit unacceptable use of University computers/networks.

Information Systems Security Policy

This general security policy has been developed to ensure data integrity and confidentiality for all administrative computer systems at the University of South Alabama. This document will provide guidelines for the classification of data resources, and subsequent retrieval and dissemination of that data by various user groups.

Public Use Computer Signage Policy

This policy provides information related to use of computers in publicly accessible locations and the appropriate use of them to protect personal and confidential information.

USA Software Policy

This policy provides guidance in the use of copyrighted software.  It was developed by a faculty committee and has been approved by the University's Deans and President as a University policy.

Network Connectivity Policy

The University networks support a wide variety of devices and services of critical importance to the operations of the University. In addition to providing University constituents access to electronic mail, Internet, and file and print services, the networks also support telephony, monitoring of environmental control and other equipment, remote security monitoring, and other essential University services. 

Federal Higher Education Opportunity Act of 2008 (HEOA)

The Federal Higher Education Opportunity Act of 2008 (HEOA) imposes various requirements on higher education with respect to illegal sharing of copyrighted material by network users.  This document contains guidelines regarding legal and policy implications of illegal file sharing plus legal alternatives for obtaining copyrighted materials. 

Software and Cloud Services Purchase/Acquisition Policy

The purpose of this policy is to ensure the compatibility, integrity, and security of University data systems.

Social Security Number (SSN) Protection Policy

The University of South Alabama (USA) collects social security numbers (SSNs) in the process of performing activities for the expressed purpose of supporting the University's mission. An individual's SSN is private and confidential, and every effort must be made to prohibit disclosure and/or improper usage. The purpose of this policy is to limit access to SSNs stored in USA’s files and databases to persons who require them in order to perform their jobs.

Vulnerability Management Policy

Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities that may lead to security or business risk. The Computer Services Center (CSC) is dedicated to securing the network by enforcing proper vulnerability management practices. This policy includes roles and responsibilities of groups, personnel, the vulnerability management process and procedure, and the risk assessment and priorities of identified vulnerabilities.