Guideline

Secure Device Configuration Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data. The recommendations below are provided as optional guidance to assist with achieving requirement 3.1, Secure Device Configuration.

Commercial Software Assessment Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data.  The recommendations below are provided as optional guidance for meeting application software security requirements.

Need to Know Access Control Guideline

UC Berkeley security policy mandates compliance with Minimum Security Standard for Electronic Information for devices handling covered data.  The recommendations below are provided as optional guidance for controlled access based on need-to-know requirements.

Guidelines for NAT Policy Compliance

Security Operations is responsible for monitoring the campus networks for signs of compromised systems and other intrusions, as well as vulnerabilities that could be exploited by hackers to gain unauthorized access to campus systems. When security issues are detected, notifications are sent to the registered security contact for remediation. Security notifications include the following information: