UBC Information Security Standards Review - Draft Amendments
UBC Information Security Standards Review - Draft Amendments
To ensure that UBC’s confidential data and information systems are safe from a data breach, the university has Information Security Standards that govern the use and protection of university data and computing resources. As required by Policy #104, Acceptable Use and Security of UBC Electronic Information and Systems, all faculty and staff are responsible and accountable for following these standards.
These Information Security Standards are subject to periodic reviews to adapt to changing expectations and risks. The current review cycle began in March 2018.
Based on community feedback, the review committee began by making revisions to the standards that generated the most feedback, comprising:
- #1 Security Classification of UBC Electronic Information
- #2 Password and Passphrase Protection
- #3 Transmission and Sharing of UBC Electronic Information
- #5 Encryption Requirements
- #14 Vulnerability Management
Faculty and staff are invited to provide feedback on the draft amendments (PDFs linked above) by Friday, November 23rd, 2018.
CLICK HERE TO PROVIDE FEEDBACK
Alternatively, you can email your feedback directly to privacy.matters@ubc.ca.
Feedback will be forwarded to the members of the review team, who will then make final amendments to the standards and forward them to the Chief Information Officer for approval. Moving forward, the review team will draft amendments for the next set of standards, publishing them in a series of iterations for comment by the campus community.
The current Information Security Standards can be found at https://cio.ubc.ca/information-security-standards. Comments submitted in the initial feedback gathering round are also available for your review.
If you have any questions or comments about this review process, please visit https://cio.ubc.ca/security-standards-review or send an email to privacy.matters@ubc.ca.