Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling Institutional Information. The recommendations below are provided as additional guidance for requirement 9.3 Privileged Scan.

Units must implement privileged scans for vulnerability assessment of high-risk P3, P4...

This Guideline was obsolete and has been retired as-of January 2026. Please refer to the current version of the Minimum Security Standards for Electronic Information (MSSEI) for current campus security requirements.

For questions, please contact security-policy@berkeley.edu

All UC Berkeley IT Resources and all devices connected to the UC Berkeley network or cloud services must comply with the Minimum Security Standard for Networked Devices. The recommendations below are provided as guidance to assist with achieving the “Patching and Updates” Requirements.

Devices connected to a UC Berkeley...

These Guidelines are intended to assist Berkeley Campus departments or units to ensure appropriate use of their computing and network services and to respond correctly to allegations of misuse.

Berkeley Campus departments or units may choose to provide or not provide computing and network services to defined categories of users, and may limit the types of services they do choose to provide. These decisions are based upon consideration of campus or local department or unit missions, available resources, or other academic or business needs and priorities.

Berkeley...