The following is a list of computing policies and procedures which are essential to guarantee the safety and security of the School of Architecture’s computing hardware, software, and associated data. These policies apply to anyone using a computer in the school, including all Faculty, Staff, and in many cases, Students.

Password Protection of Account Access- Password-protected logon to both network services and individual computers is required at all times. All passwords and accounts will be unique and personal to a human individual, not generic or shared, as in group accounts. All accounts will be received through either ITC of the Computer Technologies Office of the School of Architecture.

Passwords and other sensitive account information should never be given out, written down, distributed, or in any other way disseminated to any parties, either within or outside of the Community.

Password Protected Screen Savers- Screen savers should be enabled on personal computers which activate after a maximum of ten (10) minutes of user inactivity. The subsequent deactivation of these screen savers should be password protected.

Up-to-date Antivirus and System Security Software- Individual computers on the School’s networks should be updated with the most current version of antivirus and/or security software, which should include, but not be limited to, virus definitions, operating system updates, and the like.

Staff/Faculty Access to Personal Computers- Faculty and staff should follow the best possible security practices to prevent unauthorized access to computers which they use at their desks. This includes, but should not be limited to, password protected screen savers, locking offices when unoccupied, and limiting or preventing access to faculty/staff computers by students serving as teaching and/or research assistants.

Transmission of Data- E-mail of sensitive information as clear text should never be performed, as this method is insecure. In those cases where e-mail of sensitive information is required, such electronic transmissions must be encrypted via a standard technology such as PGP.

Monitor Visibility- On computers in which especially sensitive information (such as Social Security Numbers), is stored and/or displayed, the monitors and/or displays of those computers should be physically arranged in such a way that the screen of the monitor or display cannot be seen by anyone other than those persons which are authorized to view the sensitive information.

Personal Data on School-Owned Hardware- Any and all personal or academic data which is kept on office and/or portable computers should be removed by its owner prior to leaving the Community. Data which is sensitive or proprietary to the School shall not be taken with the employee upon termination, retirement, or resignation.

The School of Architecture will, upon repossession of the hardware, reformat, delete, or otherwise make inaccessible all data and/or software which belonged to the User. The Architecture School is not responsible for copying, backing up, or in any other way safeguarding the data on the computer after its repossession.

User Awareness/Training- Members of the School of Architecture Community will be made aware of existing risks and what they can do to prevent them through an orientation process.

For a more thorough listing of the School of Architecture's security procedures for computing technologies, please read the Security Guidelines and Procedures.

Included in that document are references to state and federal regulations that serve as the basis for the methods and procedures outlined above.