March 17, 2005
Chris Ashley, IST-–VCO
In January 2004, the Berkeley campus policy on Minimum Security Standards for Networked Devices (http://socrates.Berkeley.EDU:2002/MinStds/) was approved with a one-year grace period before the onset of enforcement. Beginning May 2005, any networked device that is out of compliance with the Standards is subject to being blocked from connection to the campus network.
The Minimum Security Standards Policy includes a provision for requesting exceptions in circumstances where networked devices cannot be brought into compliance. Exceptions are expected to be temporary — for example: until needed resources can be acquired, changes can be made in the types of activities conducted, or new mitigating technology becomes available.
A Request for Exception site (http://security.berkeley.edu/MinStdsException.html) provides CalNet authenticated access to online request forms for either a simple request (for a single device) or a complex request (for multiple devices). Requests for exception will be reviewed by System and Network Security (SNS) Office staff and then referred to the Campus Information Security Committee (CISC) for approval decision.
Questions about the Minimum Security Standards or the exception process may be addressed to
[ iNews | Search | IST | UC Berkeley Computing | UC Berkeley ]
iNews: UC Berkeley information technology news channels
Copyright 2005, The Regents of the University of California