Guideline

Security Audit Logging Guideline

Requirement

Resource Custodians must maintain, monitor, and analyze security audit logs for covered devices.

Description of Risk

Without appropriate audit logging, an attacker's activities can go unnoticed, and evidence of whether or not the attack led to a breach can be inconclusive.

Recommendations

Regular log collection is critical to understanding the nature of security incidents during an active investigation and post mortem analysis. Logs are also useful for establishing...

Guidelines for Use of Campus Network Data Reports

Campus network data reports may be sent to campus departments by Network Operations and Services (NOS) or the Information Security Office (ISO), either because operational or security issues have been observed, or when otherwise requested by the departments. This access is given on the condition that the use of the data must respect all governing laws and policies. In particular, its use must comply with the University's firmly-held principles of academic freedom and shared governance, freedom of speech, and privacy, within the context of the University's legal and other obligations....

Security Audit Log Analysis Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance for audit logging requirements.

Requirement

Resource Custodians must maintain, monitor, and analyze security audit logs for covered devices.

Description of Risk

Without appropriate...

Intrusion Detection Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to meet continuous vulnerability assessment and remediation requirements.

Requirement

Resource Custodians must continuously monitor for signs of attack and compromise on all covered devices....

Block Auto-run on Removable Devices Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to meetmalware defenses requirement.

Requirement

Resource Custodians must configure covered systems to not auto-run content from removable or remotely-mounted media.

Description of Risk

...

Managed Software Inventory Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to assist with achieving requirement 2.1, Managed Software Inventory.

Requirement

Resource Custodians must manage and regularly review installed software, and install only software packages required for business...

Secure Device Configuration Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to assist with achieving requirement 3.1, Secure Device Configuration.

Requirement

Resource Custodians must utilize well-managed security configurations for hardware, software, and operating systems based on an industry...

Commercial Software Assessment Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance for meeting application software security requirements.

Requirement

Resource Proprietors and Resource Custodians must validate that commercial software meets security criteria used by the...

Need to Know Access Control Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance forcontrolled access based on need-to-know requirements.

Requirement

Resource Proprietors must control access to covered data and regularly review access permissions to allow use of and access to covered data only where...