Summary
In an ever-changing world of cybersecurity threats, organizations must define strategies to mitigate risk and protect the confidentiality, integrity, and availability of their data and resources. These strategies are commonly defined through formal policies that govern the organization's information systems, data, and processes and guide the organization's operations.
ITS Policy Refresh (EM16, ITS Standards)
Executive Memorandum 16, the Policy for Responsible Use of University Computers and Information Systems, was signed and went into effect in May 2022.
Executive Memorandum 16 reflects a desired future state for the organization. Currently not all the necessary organizational and technical systems are in place today to meet the requirements in the new or revised policies. ITS senior leadership has determined that a strategy and timeline for the implementation of the organizational and technical systems is necessary to enable all areas of the University of Nebraska System to meet these new requirements.
Milestones
- May 11, 2022 - EM 16 ratified
- May 12, 2022 - Begin enrollment of new and existing devices into Endpoint Management
- Dec. 31, 2022 - All new endpoints are enrolled (Complete)
- Jan. 3, 2023 - Begin inventory of systems/services (In progress); Email forwarding no longer permitted (Complete); Security Awareness Training requirements for new employees implemented (Complete)
- March 1, 2023 - All endpoints enrolled
- Aug. 1, 2023 - University faculty and staff must use email accounts for university business
- Dec. 31, 2023 - Security awareness training requirements for current employees (Beginning summer 2023)
- March 1, 2024 - Complete inventory of duplicate systems and services
- July 1, 2025 - Duplicate systems and services deprovisioned
These policies and standards are to be applied to all University services, stakeholders, constituents, and affiliates. Due to the unique partnership that the University of Nebraska Medical Center maintains with Nebraska Medicine, UNMC may be explicitly excluded from clauses where conflicting language, practices, or procedures exist with Nebraska Medicine’s published documents. This Policy supersedes and takes precedence over any conflicting, contradictory, or inconsistent campus, college, school, department, or faculty policies, statements, guidelines, or guidance.