The University of Chicago | IT Policies

New! Information Security Policy

The Information Security Policy (the “Policy”) sets forth a set of requirements for ensuring security and protecting the confidentiality, integrity, and availability of University information technology resources and data.

New! Policy on Information Technology Resources and Account Privacy

The purpose of this policy is to articulate the University’s responsibilities and obligations when preserving, accessing, or disclosing information from University information technology resources. If you have questions, please review the frequently asked questions at the end of the page.

Revised: Acceptable Use Policy – Describes the policy governing the use of information technology at the University and answers frequently asked questions about the AUP.

Baseline Protection of End-User Devices – Describes specific steps for securing computers and other electronic devices from misuse or theft.

Data Classification Guideline -Describes the classification of confidential information and assigns corresponding roles and responsibilities.

Digital Accessibility Policy – Describes improvements to the user experience for those with disabilities and clarifies the goals for site owners who have already taken steps to make their content and websites accessible.

File Sharing Policy – Describes the file sharing policy for sharing copyrighted materials on the University network.

GuestNet Administration Policy – Describes how faculty and full-time staff can create accounts for their campus guests and visitors to use the wireless network for their web, email, and communications needs.

New Information Technologies and Intellectual Property at the University – Describes the basic principles surrounding new information technologies and intellectual property at the University.

Use of External Service Providers – Describes the policy for using third-party technology providers for data storage and transmission.

Placement of Computing Devices in Network Security Zones – Describes the criteria used to determine how devices are placed into network security zones.

Policy for Authenticating University of Chicago Users – Describes the requirements for authenticating University of Chicago users.

Policy On Computer Account and Email Requirements for University Employees  – Describes the policy for employee access to online University administrative systems.

Policy for the Digital Use of the Social Security Number – Describes usage and remediation guidelines for the use of Social Security Numbers (SSN) in digital form.

Policy on Port Monitoring – Describes the request methods and limitations on port monitoring.

Policy for Use of the ChicagoID – Describes usage guidelines for the ChicagoID.

Redirection of University Domain Names to External Networks  – Describes the approval process for pointing a domain name to an external network.

Requirements for Managed (Hardware) Firewalls – Describes rules for installing firewalls and devices that provide network address translation installed on the University’s network.

Research Data Center Policy – Describes the management of research data center resources to ensure optimal and equitable allocation of resources and hardware update requirements to increase power usage efficiency.

Research Data Protection Policy – Describes roles and responsibilities to promote good research practices and mitigate the risks associated with improper treatment of research data.

Sanitization of Digital Storage Media – Describes the mandatory processes for sanitizing various storage devices.

Use of Non Domain Names – Describes the circumstances under which any domain name other than can be used on the University network.

Web Properties Management Policy – Describes good web property management practices and addresses the risks associated with the management of web properties, including security, accessibility, naming requirements, and registration.