The direction of the College’s communications and computing environment is clear: networking and computing security are of paramount concern. This approach is predicated on the knowledge that open networking environments are subject to compromise, theft of service, and intellectual property espionage.
Organizationally, the College has deployed a comprehensive security in-depth model throughout all departmental facilities. Every element implemented focuses on closing our communications and computing environment's vulnerabilities and back doors.
New College Communications and Computing Policies exist and are consistent with contemporary computing concerns and issues. These policies were reviewed and approved by the College Security Committee and the Dean’s Office. Although a more controlled environment is the result of these policies, the business of the College in administration, education, and research is impacted; faculty and staff will still have the ability to perform critical communications and computing activities. The following is a list of official College communications and computing policies:
| Policy | Number | Format | ||
|---|---|---|---|---|
| Acceptable Use Policy | COE–AUP–AD20 | HTML / PDF | ||
| Password Policy | COE–PWP–ADG02 | HTML / PDF | ||
| Least User Privilege Policy | COE–LUP–01 | HTML / PDF | ||
| Anti-virus Policy | COE–AVP–01 | HTML / PDF | ||
| Lab Anti-Virus Policy | COE–LAV–02 | HTML / PDF | ||
| Audit Policy | COE–AAP–AD20 | HTML / PDF | ||
| Server Security Policy | COE–SSP–01 | HTML / PDF | ||
| Standard Firewall Rules Policy | COE–FRP–01 | HTML / PDF | ||
| Firewall Rules Exceptions Policy | COE–FEP–02 | HTML / PDF | ||
| Virtual Private Network Policy | COE–VPN–01 | HTML / PDF | ||
| Remote Access Policy | COE–RAP–AD20 | HTML / PDF | ||
| Wireless Communication Policy | COE–WCP–01 | HTML / PDF | ||
| Backup Policy | COE–CSB–01 | HTML / PDF | ||
| Incident and Disaster Tolerance/Response Policy | COE–ITDR–01 | HTML / PDF | ||
| Data Classification Policy | COE–DCP–01 | HTML / PDF | ||
| High Performance Cluster Policy and Procedures | COE–HPC–01 | HTML / PDF | ||
| Electronic Media Disposal Policy | COE–EMD–01 | HTML / PDF | ||
| Mobile Device Security Policy | COE-MDS-01 | HTML / PDF | ||
| Guest Access to Wireless Network Procedure | GuestWireless | HTML / PDF | ||
With the implementation of these revised and new policies, the College is embracing the philosophy of security in depth. Although this policy set reflects a major paradigm shift, every effort has been made to ensure essential services and research initiatives will not be negatively impacted. It is clear that the College must maintain consistency in firewall management and rule establishment coupled with timely administration, which are essential for maintaining secure communication links and trusts. It is recognized that there will be times when exceptions to firewall rules need to be granted on a temporary, semi-permanent or permanent basis. For these special cases, there is an additional established procedure and policy for considering the implementation of firewall rule exceptions.
The most notable and recent updates to the policies include those relating to critical data backups, incident response and disaster tolerance/recovery, and the academic instruction high performance computing cluster. Furthermore, modifications of existing policies addresses the issues surrounding the possibility of the compromise of sensitive data on portable or remote systems.
All faculty and staff in the College of Engineering are governed by these policies and are responsible for reviewing and understanding the elements contained herein.
Please email regarding questions or suggestions for improving Penn State University College of Engineering Computing Policies.
Last Updated: 12/21/2009
Formerly Electronic and Computer Services (ECS)