IT Policy Statement Quick Reference

Note: This document provides an overview of some of the topics discussed in IT Policy Statements. However, the document does not cover all topics. Please see www.lsu.edu/itpolicy for additional details on the IT policy development process and all IT polices at LSU.

PS-06.15 Use of Electronic Mail (E-mail)

• Applies to anyone who has an *.lsu.edu address, which is the "official means of electronic communication by the University to faculty, staff, and students..."
• "Accounts and account passwords are not to be sold, rented, transferred, or shared with any other person."
• "Protected institutional and personal information shall not be sent via e-mail, unless specific steps are taken to ensure that the transmission or content of the e-mail is secure and encrypted in accordance with University standards, and the personal information therefore provided this additional level of protection."
• Eligibility to obtain University e-mail accounts (@*.lsu.edu)
• Account retention
• Mail backups, storage, and retention (note: public records or other policies with different retention requirements may also apply)
• Privacy and applicability of laws and policies

PS-06.20 Security of Data

• "Responsibilities of all users in supporting and upholding the security of data at LSU"
• "Protected information will not be disclosed except as provided by University policy and procedures, or as required by operation of law or court order."
• Chart for classification of data as public, private, or confidential

PS-06.25 Privacy of Computing Resources

• Who may and may not access computing resources and data at LSU
• Specifies strict conditions required in order to access computing resources and data outside of day-to-day access

PS-107 Computer Users' Responsibilities

• "Guidelines and restrictions regarding any and all use of computing resources at, for, or through LSU"
• "LSU may limit access to and/or review and monitor its computing resources and the use of computing resources, without notice to or authorization from user(s)"
• Appropriate use, and misuse or abuse and sanctions

PS-114 Security of Computing Resources

• "User(s) within functional unit(s) are required to report any suspected or known security breaches or flaws relating to the security of University computing resources to the IT Security & Policy Officer."