Apply Visit/Tour Request Information Give

Apply Visit/Tour Request Information Give

Data Security Policies

1) Administration and Operation

1.01 IT Operational Policy – Development, Approval and Implementation
1.02 Security Incident Response
- 1.02.01 Security Incident Alert Analysis (Procedure)
- 1.02.02 Security Incident Response (Procedure)

2) Network

2.01 Firewall – Border Control
- 2.01.01 Network Firewall – Border Control (Procedure)
2.02 Secure Transit
- 2.02.01 Secure Remote Access From Off Campus (Procedure)
2.03 Vulnerability Scanning
- 2.03.01 Computer Scanning Policy
2.04 Network Switch Access

3) Physical Security

3.01 Server Physical Access
- 3.01.01 Physical Security of Morgan Hall Data Center (Procedure)
3.02 Power Backup (UPS/Generator) Requirements
3.03 Access to Network Devices
3.04 Access to Workstations, Mobile Devices and Printers

4) Data Access

4.01 Data Classification
- 4.01.01 Procedures for Protected Data
4.02 Data Ownership
4.03 Data Locations
4.04 Define Data Trustee, Steward, Custodian, and User
- 4.04.01 Access and Termination Guidelines (Procedure)
4.05 Backup and Retention
- 4.05.01 Computing Services Server Backup and Retention (Procedure)
- 4.05.02 Learning Management System (LMS) Site Data Retention Policy

5) Individual Responsibilities

5.01 Acceptable Use of Information Technology Resources
5.02 Acceptable Electronic Mail Use
5.03 Electronic Mail Privacy
- 5.03.01 Electronic Mail Privacy (Procedure)
5.04 Software/Copyright
5.05 Electronic Mail Account Usage
- 5.05.01 Electronic Mail Retention Exceptions (Procedure)
- 5.05.02 Personal Electronic Mail Recommendation (Procedure)
5.06 Malware Policy
- 5.06.01 Anti-Malware Software (Procedure)
- 5.06.02 End User Compliance Responsibilities (Procedure)
- 5.06.03 Non Compliance Response (Procedure)
5.07 Mass Electronic Communications Policy

6) Access Control

6.01 Password Policy
- 6.01.01 Password Complexity and Change (Procedure)
- 6.01.02 Selecting Secure Passwords (Procedure)
6.02 Electronic Identity Authentication
- 6.02.01 Account Validation (Procedure)
- 6.02.02 Compromised Account Notification (Procedure)
- 6.02.03 Web Based Lost Password Reset (Procedure)
- 6.02.04 Electronic Identity Authentication Implementation (Procedure)
6.03 Account Management
- 6.03.01 Account Creation (Procedure)
6.04 Account and Access Termination
- 6.04.01 Account and Access Termination (Procedure)
- 6.04.02 Email Account Retention (Procedure)
6.05 Authentication
6.06 Authorization
6.07 Student Account Access By Non-Owner
6.08 Contributed Services
- 6.08.01 Contributed Services Access Request (Procedure)

7) Workstation

7.01 System Security
7.02 Workstation Data Security
- 7.02.01 Workstation Display Visibility (Procedure)
- 7.02.02 Workstation System Registration (Procedure)
7.03 Workstation Physical Security
7.04 Data Recoverability

8) Server

8.01 Operating System Security
- 8.01.01 Recommended Practices for Server Security
8.02 Administrative Access
8.03 System Recovery

9) Application

9.01 Web
9.02 Policy on Implementing Applications on Servers

10) Third Parties

Google for Education Privacy and Security Center

2025 Bradley University | Accessibility | Privacy Policy | Non-Discrimination Statement | Consumer information | Student Complaint Resolution | IBHE Online Complaint System