Policies and Procedures
Information Technology Policies
Access to modern information technology is essential to the university’s mission. The following policies regarding information technology and security have been established in the Kent State University Policy Register:
- University policy on responsible use of information technology
- University Policy for Privacy for Protected Health
- University Policy Regarding Identity Theft Prevention (aka Red Flags Rule)
- Administrative Policy on Electronic Information
- Administrative policy on responsible use of information technology
- Administrative policy regarding electronic communications for students
- Administrative policy regarding web publishing (9-01.3)
- Web Form Operating Procedure (attached to section B of 9-01.3)
Information Technology Procedures
The Division of Information Services has developed the following procedures and guidelines to support the information technology and security policies.
Security Requirements for Faculty and Staff
A list of university security requirements put in place to maintain the integrity of the electronic information, especially that which pertains to our faculty, staff, and students.
International Travel for Faculty and Staff
Several countries are considered to have a higher risk associated with them for identity and data security than most other countries. There are several steps that you and your department's local support/AFS members should take to ensure you have safe travels. These documents suggests items that Kent State University's Office of Security and Access Management strongly encourages you to complete to help make your trip easier, but most importantly, safer for you and your data.
- For employee travel
- For local support/AFS members with employees in their department traveling
Reporting Security Incidents
The Office of Security and Access Management assists in responding to and investigating incidents related to the misuse of Kent State University computing systems. Computer system security breaches resulting in unauthorized disclosure of University data or abuse of computing resources should be reported immediately to the Office of Security and Access Management.
In the event of an incident, call 330-672-5566. If your call is unanswered, listen carefully to the voicemail greeting for additional instructions. Please leave a detailed message, including a phone number you can be reached. It is very important that you reach a human being so that the issue can be addressed promptly.
Procedure Regarding Unauthorized (Rogue) Wireless Access Points and Routers
University policy prohibits the deliberate degradation of the performance of network resources or access.
See more information Rogue wireless access points and routers
Vendor Assessment Tool
In order to protect Kent State University and its systems, vendors whose products/services will access/host university data must complete the Higher Education Cloud Vendor Assessment Tool (HECVAT). This process assists the university in preventing breaches of protected information and comply with university policy, state, and federal law.
This is intended for use by vendors participating in the request for proposal (RFP) process with Kent State University and it should be completed by the vendor. There is a light and full version of the assessment tool. The vendor will need to fill out the version that corresponds with what type of university data they will access/host.
Credit Card Processing
Guidelines have been established to be used by departments when collecting credit card information from individuals in order to process payments for services, purchases, registrations, etc. Read more about credit card information security.
Credit Card Data Compromise: Incident Response Plan
This incident response plan provides guidance for identification, containment, notification, verification, communication, investigation, and remediation of incidents involving credit card data.
Information Security Incident Response Plan
This incident response plan provides guidance for identification, containment, notification, verification, communication, investigation, and remediation of incidents involving university data.
KSU Google Apps
Kent State University issues Google Apps accounts to all student employees, faculty and staff.
Google Apps is a communications and collaboration suite consisting of a core set of applications that may be used to perform both educational as well as academic and other university-related functions.
For more information please read the KSU Google Terms of Service.
For more information about firewalls, please contact the security group at 330-672-5566.
Secure Disposal of Equipment
Disposal of IT Equipment
Obsolete and damaged electronic equipment includes devices that plug into the wall or operate with batteries. For more information, please see the service catalog entry regarding disposal of IT equipment.
Disposal of DVDs, CDs and magnetic tapes
Information Services offers a secure means to dispose of surplus magnetic tapes, CDs and DVDs. Please see disposing of surplus media.