[unisog] IDS policies
gadsden at musc.edu
Wed Apr 30 17:47:03 GMT 2003
On Wed, 30 Apr 2003, Robert Dormer wrote:
> I was wondering if anyone could direct me to where I might find some sample
> policies from universities regarding intrusion detection systems? Thanks
> in advance.
Not sure if this is what you're looking for, but our institutional
Computer Use Policy contains language which both authorizes and restricts
intrusion detection (monitoring) systems. Here's an excerpt:
"...the University reserves the right to monitor user activities on all
University computer systems, and to monitor communications utilizing the
University network, to ensure compliance with University policy, and with
federal, state and local law. Monitoring shall be performed only by
individuals who are specifically authorized, and only the minimum data
necessary to meet institutional requirements shall be collected. Data
collected through monitoring shall be made accessible only to authorized
individuals, who are responsible for maintaining its confidentiality."
Full policy is at <http://www.musc.edu/ccit/cup/cup2001.html>.
--- o ---
Director of Computer and Network Security
Medical University of South Carolina
Charleston, SC, USA
More information about the unisog