Information Technology Accessibility 6140

Description: This policy is established to support the Longwood University community in promoting equal access opportunity to information technology (IT) by the application of accessibility standards, guidelines, training, tools and methods consistent with higher education. The aim is to provide this opportunity in a setting that fosters independence and meets the guidelines of the Americans with Disability Act (ADA) and the Rehabilitation Act of 1973.

Owner: Information Security


Information Technology Accessibility 6140

Description: This policy is established to support the Longwood University community in promoting equal access opportunity to information technology (IT) by the application of accessibility standards, guidelines, training, tools and methods consistent with higher education.

Owner: Information Security


Information Technology and Infrastructure, Architecture Ongoing Operations 6143

Description: It is critically important that Longwood University's information technology (IT) infrastructure, architecture and ongoing operations support the mission of the institution. To help ensure this need is met, decisions affecting these areas must reflect standards, guidelines and practices found to be effective in the higher education environment.

Owner: Information Security


Information Technology Project Management 6142

Description: Longwood University has a highly complex and resource rich information technology (IT) environment upon which there is increasing reliance to provide mission-critical academic, instructional and administrative functions. Safeguarding the institution's computing assets in the face of growing security threats is a significant challenge requiring a strong, persistent and coordinated program that leverages widely accepted, effective security practices appropriate for the higher education environment

Owner: Information Security


University Information Technology Security Program 6141

Description: Longwood University has a highly complex and resource rich information technology (IT) environment upon which there is increasing reliance to provide mission-critical academic, instructional and administrative functions.

Owner: Information Security


Acceptable Use of Information Technology Resources and Systems 6104

Description: The purpose of this policy is to establish parameters for the use of Longwood information technology (IT) resources and systems.

Owner: Information Security


Security Awareness and Training 6131

Description: The purpose of this policy is to identify the conditions necessary to provide information technology system users with appropriate awareness of system security requirements and of their responsibilities to protect information technology resources and systems.

Owner: Information Security


Security Awareness Training Enforcement Procedures

Description:

Owner: Information Security


Access to Information Technology Resources and Systems 6105

Description: The purpose of this policy is to identify the requirements for granting, maintaining and terminating users' access to university information technology (IT) resources and systems.

Owner: Information Security


Access To Information Technology Resources & Systems Procedures

Description: Creating IT-based resource access

Owner: Information Security


Privileged Access Control Standard

Description: The intent of this standard is to instruct authorized users on protection and preservation of the confidentiality, integrity, and availability of systems and information accessible through accounts with privileged access.

Owner: Information Security


Physical Access 6127

Description: The purpose of this policy is to establish the rules for the granting, control, monitoring and removal of physical access to Longwood information technology resources and systems facilities. These facilities include areas containing sensitive data and telecommunications equipment.

Owner: Information Security


Remote Access 6133

Description: The purpose of this policy is to define the minimum requirements for eligible employees to use University owned and non-University owned computing devices for remote access.

Owner: Information Security


Remote Access Standards

Description: Individuals remotely accessing university IT resources and systems from non-university owned computing devices may use...

Owner: Information Security


Authentication 6125

Description: The purpose of this policy is to ensure that the person supplying an identity is the person to whom the supplied identity has been assigned.

Owner: Information Security


Data Classification 6134

Description: The purpose of this policy is to identify how the sensitivity of the university's data will be classified.

Owner: Information Security


Data Handling Standards

Description: Data owners may impose additional security controls/protections needed for a type of data, in addition to the controls required by the classification level.

Owner: Information Security


Electronic Data Disposal Standards

Description: The intent of these standards are to minimize the risks of exposing data to unauthorized individuals and inadvertently transferring software to those not licensed to use it...Any EDSD, especially those containing restricted data, must have all data sanitized prior to disposal as specified by these standards and the terms of any licensed software.

Owner: Information Security


eMail 6138

Description: The purpose of this policy is to ensure e-mail communication is used in a way that supports the university's mission.

Owner: Information Security


Email Disclaimer

Description: This e-mail disclaimer has been approved by the Office of the Attorney General for use by Longwood employees. When using an e-mail disclaimer only the approved disclaimer may be used (see the E-mail policy) and the disclaimer should be added at the bottom of the e-mail message.

Owner: Information Security


Encryption 6103

Description: The primary purpose of this policy is to protect restricted data, as defined by the Data Classification Policy, by limiting the use of encryption to those algorithms that have received substantial public review and have been proven to work effectively; while setting standards for all use of encryption and to identify federal exportation regulations regarding encryption technologies.

Owner: Information Security


Minimum Encryption Standards

Description: Minimum Encryption Standards

Owner: Information Security


Firewall Policy 6130

Description: This policy provides the configuration, maintenance, control and monitoring of enterprise-wide firewall technology used to safeguard the university's information technology (IT) resources and systems.

Owner: Information Security


Incident Response 6132

Description: The intent of this policy is to establish the requirements for effective incident reporting, response, and escalation practices with regard to the security of data and information technology (IT) resources and systems.

Owner: Information Security


Malware Protection 6128

Description: Malware: Malware, short for malicious software, is any software designed to damage, disrupt, harm or compromise any computer, server or network. Viruses, worms, trojans, rootkits, bots, and spyware are all various forms of malware.

Owner: Information Security


Password Management 6119

Description: Effective password management is the most central single element in assuring the overall security of Longwood's information technology (IT) resources and systems and the protection of University data. The purpose of this policy is to ensure that all users are aware of their responsibilities in effective password management and to ensure that appropriate password standards are applied to all University IT systems

Owner: Information Security


LancerNet Password Standards

Description: Establishes LancerNet Password Standards

Owner: Information Security


Minimum Password Standards

Description: Per the Longwood Password Management policy these standards set the minimum requirements for passwords on any University IT system. **Systems utilizing the LancerNet ID and Password must meet the LancerNet Password Standards.**

Owner: Information Security


Password Creation Guidelines

Description: Because we recognize that everyone has trouble creating a good password that is easy to remember but not easy to guess we provide you with the following tips.

Owner: Information Security


Security Roles and Responsibilities 6135

Description: The purpose of this policy is to establish university-wide security roles with assigned responsibilities for protecting university data and information technology (IT) systems.

Owner: Information Security


Wireless Communication 6124

Description: The purpose of this policy is to identify the requirements that wireless communications technology must meet to provide the University with reliable and secure wireless services.

Owner: Information Security


Change Management 6139

Description: The purpose of this policy is to require changes to Longwood University information technology (IT) resources and systems to be planned, communicated, documented and evaluated prior to implementation.

Owner: Information Security


Information Technology Resources and Systems Procurement 6137

Description: The purpose of this policy is to ensure that all Longwood University information technology (IT) resource and system procurement decisions are guided by the technology procurement principles of effectiveness and efficiency, including a thorough consideration of factors such as support needs, compatibility, security and budget maximization in all IT resource and system procurement decisions.

Owner: Information Security


IT Systems Development Lifecycle 6136

Description: The purpose of this policy is to establish a University wide information technology (IT) systems development life cycle to offer consistency and structure to the IT systems development process and to ensure that security is considered throughout an IT system's development.

Owner: Information Security


IT Systems Development Life Cycle Standard

Description: IT Systems Development Life Cycle Standard

Owner: Information Security


Academic and Administrative Web Policy 6101

Description: The purpose of this policy is to establish guidelines for all information that resides on all official and unofficial Longwood University websites, including remotely hosted web pages, to ensure a consistent and coordinated message.

Owner: Information Security


Academic and Administrative Web Procedures

Description: Web content manager(s): A web content manager is an individual with responsibility to update content on a web site. The department head/chair can designate multiple web content managers if the site is managed by the content management system, but all work by a student web content manager must be approved by a faculty or staff web content manager before publishing to the "live" web site.

Owner: Information Security


Compliance Checklist

Description: Compliance Checklist

Owner: Information Security


Internet Privacy 6116

Description: The purpose of this policy is to establish the guidelines under which Longwood University will or will not collect and/or use information about visitors to its Internet web sites.

Owner: Information Security


Internet Privacy Statement

Description: Commitment to Privacy Thank you for visiting one of Longwood University's websites. We are committed to providing the latest online services to both our visitors and members of the Longwood community. We are also committed to privacy issues, and we would like to take this opportunity to tell you about what information we collect, how we use this information, and your rights concerning this information. By using our websites, you consent to the collection and

Owner: Information Security


Academic Computing Labs Policy 6102

Description: The purpose of this policy is to provide guidelines for the use of the academic computing labs by employees and students of the university, as well as other authorized users and groups.

Owner: Information Security


Telecommunications 6122

Description: This policy regulates the use and management of voice, fax and cellular services provided to employees of Longwood University..

Owner: Information Security


Telephone Service

Description: Telephone Service

Owner: Information Security


Telephone Reimbursement Procedure  

Description:

Owner: Information Security


Encryption Key Management Standards

Description: Standards of Data Encryption

Owner: Information Security