Guideline

Need to Know Access Control Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance forcontrolled access based on need-to-know requirements.

Requirement

Resource Proprietors must control access to covered data and regularly review access permissions to allow use of and access to covered data only where...