If you haven't looked at the proposed new IT Security Policy (SPG 601.27) and related standards yet, you might want to set aside a little time to do so. The policy has been almost completely rewritten, and it will have a big impact on how all of us contribute to IT security at
The rewritten policy establishes a single, comprehensive, university-wide "information assurance and cybersecurity risk management framework and program, based on an enterprise security architecture that makes utilizing secure university-provided services straightforward and readily accessible to faculty and staff." The policy will be supported by more than a dozen operational, procedural, and technical standards.
The policy was originally issued in 2008, soon after
Faculty, staff, and