UpDate - Vol. 12, No. 18, Page 1
February 4, 1993
New policy gives guidelines for protecting UD information

     An Information Security Policy has been established, which makes it
the responsibility of all University employees to protect University
information in any form, including that on computers.
     The policy statement has been included in the Policies and Procedures
Manual  and is available on-line through the Gopher service.
     University administrators are required to make employees aware of the
policy by establishing information security procedures appropriate for
their  respective units.
     The policy pertains to information in any form, including electronic
information.  It is the foundation for other University policies, such as
the Policy for Responsible Computing and the University Archives and
Records and Management Program, which address more specific information
security situations.
     The new policy is particularly important to the University at a time
when computers and networks are making information more available to a
growing number of people.  All employees must be aware that University
information that they process, view, hear or file is an asset they are
required to protect.  No computer security system, not even sound password
procedures, will provide sufficient protection for information if employees
are careless.
     Although University employees have always assumed this responsibility
as part of their jobs, the policy statement and its publicity are intended
to heighten the awareness of the responsibility and to help each employee
scrutinize his or her work habits and use sound procedures.
     Unit managers may obtain a copy of policy guidelines by contacting
Susan Allmendinger, CNS, at 831-1975 or susan@brahms.udel.edu.