Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Saturday, October 25, 2014

 
  New Resources
Travel Tips for Data Security
Free Security/Privacy Training Resources
Penn+Box
Two-step verification
Combating Malware
SafeDNS
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

Information Security and Network Monitoring

ISC's Office of Information Security is responsible for maintaining the security of Penn's digital assets.

Per University policy [1], the Office of Information Security is authorized to access University electronic information only under specific circumstances, including: to comply with legal orders; when investigating a violation of law or serious infraction of policy; to maintain the integrity of a University computing system; to assist in an emergency; or in the case of staff, as necessary to allow University business to proceed. Whenever possible the University's need for any information will be met simply by asking an individual for it.

In support of our mission, Information Security uses various technologies to ensure the integrity of Penn's networks, including devices that alert on anomalous or malicious activity (e.g., an Intrusion Detection System, or IDS) and network and system log files that can be queried to assist in an investigation. Examples of malicious and unauthorized activities can be found in the University's Acceptable Use policy [2]

These responsibilities notwithstanding, no Information Security functions should interfere with the University's commitment to the principles of open expression [3].

Questions or concerns about how the Office of Information Security operates these network technologies should be directed to the University Information Security Officer at security@isc.upenn.edu.

[1] Policy on Privacy in the Electronic Environment
http://www.upenn.edu/provost/PennBook/policy_on_privacy_in_the_electronic_environment

[2] Policy on Acceptable Use of Electronic Resources
http://www.upenn.edu/computing/policy/aup.html

[3] Guidelines on Open Expression
http://www.upenn.edu/provost/images/uploads/Guidelines_on_Open_Expression.pdf

Last updated: Thursday, November 29, 2012

top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania