Policies and Procedures

Information Technology Policies

Access to modern information technology is essential to the university’s mission. The following policies regarding information technology and security have been established in the Kent State University Policy Register:

• University policy on responsible use of information technology
• University Policy for Privacy for Protected Health 
• University Policy Regarding Identity Theft Prevention (aka Red Flags Rule)
• Administrative Policy on Electronic Information 
• Administrative policy on responsible use of information technology
• Administrative policy regarding electronic communications for students
• Administrative policy regarding web publishing (9-01.3)
• Web Form Operating Procedure (attached to section B of 9-01.3)

Information Technology Procedures

The Division of Information Services has developed the following procedures and guidelines to support the information technology and security policies.

Security Requirements for Faculty and Staff

A list of university security requirements put in place to maintain the integrity of the electronic information, especially that which pertains to our faculty, staff, and students.

International Travel for Faculty and Staff 

Several countries are considered to have a higher risk associated with them for identity and data security than most other countries. There are several steps that you and your department's local support/AFS members should take to ensure you have safe travels. These documents suggests items that Kent State University's Office of Security and Access Management strongly encourages you to complete to help make your trip easier, but most importantly, safer for you and your data.

• For employee travel
• For local support/AFS members with employees in their department traveling

Reporting Security Incidents

Incident Response

The Office of Security and Access Management assists in responding to and investigating incidents related to the misuse of Kent State University computing systems. Computer system security breaches resulting in unauthorized disclosure of University data or abuse of computing resources should be reported immediately to the Office of Security and Access Management.

In the event of an incident, call 330-672-5566. If your call is unanswered, listen carefully to the voicemail greeting for additional instructions. Please leave a detailed message, including a phone number you can be reached. It is very important that you reach a human being so that the issue can be addressed promptly.

Procedure Regarding Unauthorized (Rogue) Wireless Access Points and Routers

University policy prohibits the deliberate degradation of the performance of network resources or access.

See more information Rogue wireless access points and routers

Vendor Assessment Tool

In order to protect Kent State University and its systems, vendors whose products/services will access/host university data must complete the Higher Education Cloud Vendor Assessment Tool (HECVAT). This process assists the university in preventing breaches of protected information and comply with university policy, state, and federal law.

This is intended for use by vendors participating in the request for proposal (RFP) process with Kent State University and it should be completed by the vendor. There is a light and full version of the assessment tool. The vendor will need to fill out the version that corresponds with what type of university data they will access/host.

Credit Card Processing

Guidelines have been established to be used by departments when collecting credit card information from individuals in order to process payments for services, purchases, registrations, etc. Read more about credit card information security.

Credit Card Data Compromise: Incident Response Plan

This incident response plan provides guidance for identification, containment, notification, verification, communication, investigation, and remediation of incidents involving credit card data. 

Information Security Incident Response Plan

This incident response plan provides guidance for identification, containment, notification, verification, communication, investigation, and remediation of incidents involving university data. 

KSU Google Apps

Kent State University issues Google Apps accounts to all student employees, faculty and staff.

Google Apps is a communications and collaboration suite consisting of a core set of applications that may be used to perform both educational as well as academic and other university-related functions. 

For more information please read the  KSU Google Terms of Service.

Security Firewalls

For more information about firewalls, please contact the security group at 330-672-5566.

Kent State University Wireless Networks Terms of Use

Terms of use for connecting to and using the Kent State University wireless networks.

Secure Disposal of Equipment

Disposal of IT Equipment

Obsolete and damaged electronic equipment includes devices that plug into the wall or operate with batteries. For more information, please see the service catalog entry regarding disposal of IT equipment.

Disposal of DVDs, CDs and magnetic tapes

Information Services offers a secure means to dispose of surplus magnetic tapes, CDs and DVDs. Please see disposing of surplus media.