[unisog] IDS policies

Richard Gadsden gadsden at musc.edu
Wed Apr 30 17:47:03 GMT 2003


On Wed, 30 Apr 2003, Robert Dormer wrote:

> I was wondering if anyone could direct me to where I might find some sample
> policies from universities regarding intrusion detection systems?  Thanks 
> in advance.

Not sure if this is what you're looking for, but our institutional 
Computer Use Policy contains language which both authorizes and restricts 
intrusion detection (monitoring) systems. Here's an excerpt:

"...the University reserves the right to monitor user activities on all 
University computer systems, and to monitor communications utilizing the 
University network, to ensure compliance with University policy, and with 
federal, state and local law. Monitoring shall be performed only by 
individuals who are specifically authorized, and only the minimum data 
necessary to meet institutional requirements shall be collected. Data 
collected through monitoring shall be made accessible only to authorized 
individuals, who are responsible for maintaining its confidentiality."

Full policy is at <http://www.musc.edu/ccit/cup/cup2001.html>.

 --- o ---
 Richard Gadsden
 Director of Computer and Network Security
 Medical University of South Carolina
 Charleston, SC, USA



More information about the unisog mailing list