Technology Policies can be found on on the University Policy Office portal page: https://my.delval.edu/campusservices/policyoffice.
Below is a brief summary of the current technology policies and some of the ways they are relevant to you. Please read the full policies for details.
- Information Security Policy
- This policy defines the core information security measures that must be followed to address information security at all levels
- Confidential and sensitive information, including social security numbers and credit card numbers, must be protected. This includes passwords which must not be shared.
- Encryption must be utilized to protect personally identifiable information (PII).
- All computers and technology equipment must be physically secured.
- Unauthorized access and circumvention of controls are prohibited. Do not disable monitoring tools such as antivirus, application patching or PII detection tools.
- Suspicious electronic activity should be reported to Technology Services.
- All systems are the property of the University and may be monitored for technical and data protection purposes.
- Only licensed and approved software may be installed on University computers.
- Employees must only have access to the information that is required to perform their jobs.
- The Office of Technology Services will use controls to protect computers, servers, network devices, and most other technologies. These controls are described in this policy.
- Remote access will be tightly controlled to protect the University. Multi-factor authentication (MFA) is required for all remote VPN access.
- Employee Account Creation and Folder Permission Policy
- This policy describes the requirements to create all accounts and the control mechanism that controls access to network folders
- Employee Account Termination Policy
- This policy describes the process the University follows to restrict access to University accounts for terminated and separating employees.
- Account Sharing Policy
- This policy prohibits account sharing, except in rare situations. No accounts should be shared unless there is no alternative and you have worked with Technology Services to try to mitigate any risk related to account sharing.
- Mobile Device Policy
- This policy requires employees to protect University mobile devices and the data on devices.
- This policy also defines the controls that are required on devices (personal and University owned) that store University data, including email.
- Password Policy
- This policy defines the University password requirements. These requirements must be used for ALL systems and not just Technology Services managed systems.
- This policy will be updated in the coming months to reflect changes related to multi-factor authentication (MFA).
- Inactive Account Policy
- This policy defines how the University will manage accounts that are inactive for prolonged amounts of time. This policy also includes how student accounts are managed after graduation.
- Email, Messaging and Calendar Policy and Standards
- This policy defines the University standards for email, messaging and calendar that must be used.
- University email should only be used for business communications.
- All employees must use the provided Office 365 email and calendar for University business.
- Data Retention for Former and Transferred Employees
- This policy defines how employee data will be managed following a departure or internal transfer.
- Laptop/Projector Loaner Policy
- This policy defines how loaner laptops and projectors will be managed and the requirements for those who would like to borrow them.
There are often technology policies under review. We will keep you informed of these policies as they go through the University policy process and we will also let you know when there are revisions to the existing technology policies.
Please contact Technology Services if you have any questions regarding these policies or contact the Policy Office if you would like to learn more about University policies and the University policy process.