Body
Summary
This article explains requirements related to the use of institutional IT resources based on the University System of New Hampshire Written Information Security Program (“WISP”). The WISP consists of security policies and standards intended to protect USNH data and are in alignment with applicable laws and regulations. See the latest description of the program by following the link to "USNH Written Information Security Program" at the top of the Technology/Cybersecurity Policies & Standards page.
Content
Policies and Standards from the University System of New Hampshire (USNH) guide the use of IT resources across USNH campuses. Please review these policies regularly as updates can occur at any time. If you have questions or need training on any USNH Information Technology policy or standard, please contact the USNH Cybersecurity Team.
University System of New Hampshire Cybersecurity Policies & Standards
The University System of New Hampshire has several Cybersecurity Policies and Standards that are intended to ensure the confidentiality, security, integrity, and availability of information that USNH collects, uses, creates, and maintains. USNH IT service providers and system users should familiarize themselves with the information provided in each policy or standard. See the full list of Technology/Cybersecurity Policies & Standards
USNH Acceptable Use Policy (AUP)
The Acceptable Use Policy provides guidelines for the proper use of the University’s IT resources as well as the University’s access to information to manage these resources. You may be asked to read and confirm that you understand the AUP before you can access IT resources. The AUP is found on the Technology/Cybersecurity Policies and Standards website page – Acceptable Use Policy.
USNH Cybersecurity Policy
This policy informs all USNH community members of their responsibilities related to maintaining the privacy and security of IT resources and institutional information. The complete policy can be found at: Cybersecurity Policy.
USNH Information Classification Policy
The purpose of the Information Classification Policy is to define data categories, provide examples of each category, and provide a model that can be used by USNH institutions for classifying and protecting information. The model is a foundation for policies pertaining to the protection of information and is found in the USNH Information Classification Policy.
USNH Privacy Policy
The Privacy Policy describes how personally identifiable information (PII) collected or submitted to university websites is used and protected. The policy is linked on the USNH homepage and every website that requests PII: USNH Privacy Policy.
USNH Standards for Changing and Terminating Accounts
Permissions to access university information technology resources will be changed promptly and appropriately when the legitimate and approved business need changes, and accounts will be disabled or terminated immediately when they are no longer needed for legitimate and approved business needs. To review policies related to account changes, navigate to the Cybersecurity Policies & Standards page, then search for the "Account Management Standard" and the "Access Management Standard".
If needed, a “Change Form” can be submitted to the UNH IT Accounts Management System. Login and follow the directions provided to 'Add', 'Edit' or 'Remove' accounts.
USNH Physical Security Standard
Computer systems, resources, and data used for the transaction of USNH business shall be protected from theft, malicious destruction, unauthorized alteration or exposure, or other potential compromise resulting from inappropriate or negligent acts. For more information, search for "Physical Security Standard" on the Cybersecurity Policies & Standards page.
Additional Policies and Guidelines
USNH Higher Education Opportunity Act Compliance Document
The University System of New Hampshire takes copyright violations very seriously and has developed the a plan to combat the illegal use of copyrighted materials. This plan defines the basic requirements of the Higher Education Opportunity Act (HEOA) regarding copyright violations. For more information, see the "DMCA- USNH Digital Millennium Copyright Act Standard" on the Cybersecurity Policies & Standards page, and see this article on File-Sharing of Copyrighted Materials.
IT Policy on Protecting University Information During IT Equipment Transfer and Disposal
This section defines security controls to safeguard the confidentiality, integrity, and availability of USNH information and information technology resources for all institutionally owned devices and personal devices used for USNH business or connected to a USNH network. For more information, see the "Endpoint Management Standard" on the Cybersecurity Policies & Standards page.
For details about disposing of USNH technology equipment, see the Secure Electronic Equipment Disposal (SEED) Electronics Disposal web site.
USNH Physical and Camera Security Standard
This document defines the standards and procedure for request, approval and installation of video cameras which are installed for safety and law enforcement purposes. For more information, see the "Physical and Camera Security Standard" on the Cybersecurity Policies & Standards page.
Further Readings
USNH Acceptable Use Policy
USNH Online Policy Manual > VIII. Cybersecurity Policies and Standards - Published Policies
USNH Technology/Cybersecurity Policies and Standards - Full list, including both policies and standards
UNH IT Accounts Management System
File-Sharing of Copyrighted Materials
Secure Electronic Equipment Disposal (SEED) Electronics Disposal web site
Need additional help?
If you have questions or need training on any USNH Information Technology policy or standard, please contact the USNH Cybersecurity Team.
Visit the Technology Help Desk Support page to locate your local campus contact information or to submit an online technology support request. For password issues you must call or visit the Help Desk in person.