Policies Boston University home page Boston University home page
Policies


Office of the President

Boston University
147 Bay State Road
Boston, Massachusetts 02215

June 20, 1997

To:  

All Faculty and Staff

From:  

Jon Westling, President

Subject:  

Boston University's Information Security Policy and Guidelines

  In June 1990, Boston University issued its first "Information Security Policy." Since then, the University has invested millions of dollars in its information technology systems, and the technology itself has grown more powerful and complex. Although the University's students, faculty, and staff now enjoy access to greatly-improved technology, so too do those who wish to gain unauthorized access to this equipment or who seek to misuse it. Accordingly, we have recently reviewed and revised the University's policies on information security. I am pleased to enclose copies of three documents that outline those revised policies: the "Information Security Policy," the "Conditions of Use and Policy on Computing Ethics," and the "Information Security Management Guidelines."

  Among other changes, you will notice that these three sets of standards now specifically prohibit unauthorized commercial or private use of the University's computing facilities; establish improved security guidelines for computer systems and platforms that access or store University information; and make clear that the University will deny access to the Campus Network to computer systems that do not comply with our security guidelines.

  The Boston University "Information Security Policy" is a general statement of the University's policies on this subject. The "Conditions of Use and Policy on Computing Ethics" sets forth guidelines that must be adhered to by every user of our computing facilities. The "Information Security Management Guidelines" help departmental managers, data trustees, system administrators, and departmental security administrators to comply with these policies. The collected Boston University Information Security Policies and Guidelines also can be accessed on the World-Wide Web at http://www.bu.edu/security.

  I encourage you to read and familiarize yourself with these guidelines. Any questions concerning the Boston University Information Security Policies and Guidelines should be directed to the Office of Information Technology (353-2780), University Information Systems (353-9004), or the Office of Internal Audit (353-2215).
Boston University
Boston University
BU   Directory  
NIS/WebCentral | OIT | December 1, 2006