Information Security Standard U12

Print-friendly version

Restricted Software and Services

Introduction

  1. To protect the confidentiality, integrity and availability of UBC Electronic Information and Systems, this standard restricts or recommends against the use of specific third-party Software Applications, including Mobile and Web Applications, that pose significant risks. These may include, but are not limited to, Software Applications that are flagged or restricted by the Government of Canada, the Government of British Columbia, provincial and federal Privacy Commissioners and trusted cybersecurity sources.
  2. This standard applies to all Devices—no matter whether they are owned by the University, by the User, or by a third party—that access UBC Systems requiring a User Account, or Devices used for University Business.
  3. The Chief Information Officer has issued this standard under the authority of Policy SC14, Acceptable Use and Security of UBC Electronic Information and Systems. Questions about this standard may be referred to information.security@ubc.ca.

Restricted Software and Services

  1. The table below sets out the list of restricted Software Applications and will be updated as required to address emerging risks.
    § Application Restriction Scope of Restriction Clarifying Notes Restriction Effective Date
    2.1.1 End of Life Software Restricted Operating Systems
    Applications    		 Refer to the Vulnerability Management standard 2014-08
    2.1.2 Kaspersky Not recommended All Applications The restriction does not apply to accessing the research from Kaspersky Lab. 2023-10
    2.1.3 TikTok Not recommended Mobile Application See Use of TikTok at UBC 2024-09
    2.1.4 DeepSeek Use and installation is restricted. UBC also blocks use on the University network. Web Application
    Mobile Application
    Desktop Application    		 The restriction does not apply to downloading and making use of the DeepSeek model. See DeepSeek Restrictions at UBC 2025-03
  2. The University may implement blocks or other measures to prevent the use or installation of restricted Software Applications.
  3. If a User wishes to use a Software Application in a way that is restricted, then a variance must be requested from the CIO, as per the Requesting Variances standard.

Related Documents and Resources

  1. Policy SC14, Acceptable Use and Security of UBC Electronic Information and Systems
  2. Vulnerability Management standard
  3. Use of TikTok at UBC
  4. DeepSeek Restrictions at UBC
  5. Requesting Variances standard

Standard Last Revised: 2025-03

This page was last updated on Tuesday, March 18, 2025