The University of San Francisco: Information Technology Services
Information Technology

Policies Definitions

I. Overview

This document provides an overview of all unique terminology, identifiable from here on out as "definitions" for all USF ITS Policies.

II. Definitions

Authorized Use

Use of technology resources is use that is consistent with this policy and the educational, research, and service mission of USF.

Authorized Users

Authorized users (hereinafter referred to as "user") are those who have been given specific permission to use a particular technology resource by the campus unit responsible for operating the resource.

Application Administrator

An application administrator is an authorized person responsible for the administration of one or more applications. An application administrator's responsibilities typically include application configuration, account management, installation of software upgrades, and user support.

Backup Service (See also MozyPro)

A scalable, high-speed, low-cost Web-based service designed for online backup, archiving, and restoration of data.

Compromise

When anyone other than the assigned user knows the user's credentials, or the loss of positive control over secured assets and information.

Computer Retirement

After a University-owned computer reaches the end of its useful life, the computer must be properly removed from campus network and all data contained on the hard drive must be destroyed (wiped).

Credentials

The combination of username and a password, and optionally, a third factor such as a security token.

Desktop Computing Subcommittee

USF's IT Governance subcommittee that oversees the maintenance and development of USF's desktop computing environment.

Disk Wiping

The process of securely erasing data from a computer's hard drive by writing random data multiple times over disk sectors in hard drive. USF ITS uses a Department of Defense (DOD) 7-pass wipe (writes random data 7 times).

Distinction between "must" and "should"

In some policy statements within this document, the word "must" is used and in other instances, the word "should" is used. The use of "must" indicates that compliance is both feasible and expected. "Should" is used in those instances where compliance is highly desirable, but may not be technically feasible within the University's current network and technology infrastructure. In these cases, the policy statements represent goals that the University expects to achieve as its network and technology infrastructure advances.

DMZ (or Demilitarized Zone)

The DMZ is the part of the USF network that is accessible by the public. Web services and e-mail services are typical services located in the DMZ of a campus network.

Entry Point

An entry point on the USF network is a point at which the USF interfaces with another network such as the connection between the USF network and the Internet and the dial-up connection to the USF network. An entry point can also be an interface point between two zones on the USF network such as the connection between the USF Intranet and the DMZ.

Exception (i.e. Exception Process)

An action that is not part of ordinary and established ITS Policies, Standards, Guidelines, or Procedures. ITS supports technology addressed within the established Policies, Standards, Guidelines, or Procedures. ITS may not fully support non-standard technology etc.

Exception Process (See also Exception)

A formal process to request an exception from an item or aspect identified in an ITS Policy or Standard. See Computer Replacement Policy.

FERPA

The Family Educational Rights and Privacy Act of 1974, commonly referred to as the Buckley Amendment, protects the rights of students by controlling the creation, maintenance, and access to educational records. It guarantees students' access to their academic records while prohibiting unauthorized access by others.

GLBA

Gramm-Leach-Bliley Act, Pub. L. No. 106-102, 113 Stat. 1338

Graphical User Interface (GUI)

A type of user interface that allows users to interact with programs in more ways than typing, such as an operating system installed on a computer or mobile device.

Guideline

Typically a collection of system specific, procedural specific, or supported specific "suggestions" for best practice. Guidelines are not requirements to be met - unless stated within a specific Policy - but are strongly recommended. Effective policies make frequent references to standards and guidelines that exist within an organization.

HIPAA

Health Insurance Portability and Accountability Act is Federal regulations establishing national standards for health care information.

Internet

The Internet is a collection of publicly accessible individual networks forming a global network. The USF network is connected to the Internet.

Intranet

The Intranet is the part of the USF network that is only accessible by authorized users.

Job function data

Data created, managed, and utilized by USF employees to carry out job function. This includes faculty, staff, part-time staff, term staff (under contract employment), student-staff, and affiliates.

LANDesk Agent

A small application that inventories installed software and hardware devices. This software does not track web usage, e-mail or files.

Mission-Critical Network Services

Mission-critical network services are services designated by the Leadership Team to be essential University services such that loss of these services or inability to restore these services in a timely fashion would severely impede the University's ability to conduct business, have negative legal or financial impact, or endanger the health and safety of faculty, students, and staff.

MozyPro (See also Backup Service)

Secure online backup and recovery service of Macintosh and Windows desktop and laptop systems for business use.

Netguest

Short name for Network Guest Access. When an individual is provided access to the USF network via the Network Guest Access Service, the person is provided 'Netguest' access.

Netguest Sponsor

Sponsor access is generally synonymous with an active Fac/Staff role in Active Directory; Netguest Sponsor is also refereed to as Network Guest Sponsor.

Netguest Power Sponsor

Power Sponsor is provided by ITS per approved exception request; Netguest Power Sponsor is also referred to as Network Guest Power Sponsor.

Network

A network is a system of transmission media and electronic devices that supports transmission of data, audio, and video among user systems and servers. All hardware and software contributing to data, audio, and video transmission are considered part of the network. This includes the network interface hardware as well as the operating systems in user systems and servers with connections to the network.

Network Equipment

Network equipment refers to any electronic devices supporting transmission of data, audio, and video, including but not limited to, hubs, switches, routers, concentrators, and wireless access points.

Policy

Typically a document that outlines specific requirements or rules that must be met. In the information/network security realm, policies are usually point-specific, covering a single area. For example, the "Acceptable Use Policy" would cover the rules and regulations for appropriate use of the computing facilities.

Privileged Access

Any user account or service which is granted greater than normal end-user privileges, which may include Create, Write, Rename, Delete capabilities, particularly those which allow creation of new accounts or changes to existing account privileges.

Procedure (Also referred to as Standard Operating Procedure - SOP)

A specified series of established actions, steps, or operational process that are executed in a uniform manner in order obtain a consistent result under the same circumstances (for example, Windows Secure File Deletion Procedure). ITS Procedures are created under the direction of the Information Technology Governance Committee to assist USF implement appropriate and non-reputable technology practices.

Replacement Program

USF's annual technology program that replaces University-owned computers that have reached the end of their useful life. This program has a central budget.

Security Incident Response Team (SIRT)

The Security Incident Response Team includes ITS Security Services, ESI, Applications, Network Engineering and Help Desk departments as well as representatives from other USF departments as appropriate to the incident type.

Server

A server is a computer with the primary function of multi-user sharing of application, data, and/or services on a network.

Software Piracy

Unauthorized copying or installation of software.

Standard

Typically a collection of system-specific or procedural-specific requirements that must be met or used by everyone. Standards are created under the direction of the Information Technology Governance Committee to assist USF implement appropriate and non-reputable technology practices.

Standard Operating Procedure (SOP) - See Procedure

System Administrator

A system administrator is an authorized person responsible for the operation of one or more servers. A system administrator's responsibilities typically include maintenance of the operating system and hardware configurations, account management, system backup, performance monitoring, system integrity, and user support.

Technology Assets

Assets owned by the University of San Francisco that consist of the following equipment types:

  • Desktop Computers
  • Laptop Computers
  • Servers
  • Projectors
  • Printers
  • USF Standard Software
  • Note: Fax machines, copiers and other equipment are beyond the scope of this policy.

Technology Resources

USF technology resources include all network resources and technology related equipment provided by the University or third-party service providers for use by the University or general public, including but not limited to software, systems, computers, projectors, video cameras, telephones, PDAs, and wireless access points.

University Information Technology Committee (UITC)

The University Information Technology Committee exists to represent the technology needs of the USF community. The Committee makes recommendations on policy and planning issues relating to computing and telecommunications and ensures widespread consultation with faculty, students, and staff. The Committee makes recommendations to the VP for IT.

UITC Chair

Vice President for Information Technology

USF Network

The USF network includes the entire main campus network, networks at remote campuses, and connections among the campus sites.

User System

A user system is any computational or communication device that is primarily for the use of a single individual.

USF-Authorized

In the document, USF-authorized means approved by the VP for IT.

Wireless Access Point

A wireless access point is network equipment that provides mobile devices access to the network.