To ensure that UBC's confidential data and information systems are safe from a data breach, the university has Information Security Standards that govern the use and protection of university data and computing resources. As required by Policy #104, Acceptable Use and Security of UBC Electronic Information and Systems, all faculty and staff are responsible and accountable for following these standards.
These Information Security Standards are subject to periodic reviews to adapt to changing expectations and risks. The current review cycle began in March 2018.
Review Phase I
Based on community feedback, the review committee began by making revisions to the standards that generated the most feedback, comprising:
- #1 Security Classification of UBC Electronic Information (View Draft PDF)
- #2 Password and Passphrase Protection (View Draft PDF)
- #3 Transmission and Sharing of UBC Electronic Information (View Draft PDF)
- #5 Encryption Requirements (View Draft PDF)
- #14 Vulnerability Management (View Draft PDF)
Faculty and staff are invited to provide feedback on the draft amendments (PDFs linked above) by Friday, November 23rd, 2018.CLICK HERE TO PROVIDE FEEDBACK
Alternatively, you can email your feedback directly to firstname.lastname@example.org.
Feedback will be forwarded to the members of the review team, who will then make final amendments to the standards and forward them to the Chief Information Officer for approval. Comments submitted in the initial feedback gathering round are also available for your review.
Review Phase II
Moving forward, the review team will draft amendments for the next set of standards, publishing them in a series of iterations for comment by the campus community.
If you have any questions or comments about this process, please send an email to email@example.com.