The Information Technology Division has developed and implemented a number of new policies and revised several others.

In a process ongoing for the past 16 months to revise outdated policies and codify practices that had never been written down, IT developed the new and revised policies and presented them to the President’s Cabinet, which approved them on Aug. 31.

“IT developed the new policies, which set the rules for operating college-owned computers or using the college network, as well as new procedures, which describe the steps IT will follow to implement the policies,” said Vice President of Information Technology Carl Powell. Powell said his division also developed processes, which are mostly internal to the IT division, to codify the sequence of events IT will follow.

The new policy manual will be available on the IT Web site in the next few weeks.

New policies include the following:

• Academic Account Management Policy: defines which students are authorized to receive an academic account for use in the College’s computer labs.
• Academic Computing Labs: defines policies governing student and faculty use of said labs.
• Access to External Email Services: describes policies about the sending or receiving of e-mail that is not authorized to operate on the College’s computer network.
• ADMIN/ADMIN 1 Domain Usage Policy: describes guidelines for accessing and using the College’s AMIN and ADMIN1 domain resources.
• Administrative Computer Rights: allows select users to have administrative rights to their assigned computer under certain circumstances and defines these circumstances.
• Data Backup and Retention: establishes policies for performing backups and retaining electronic data stored on computing equipment owned or operated by the college.
• Data Classification and Protection Policy: policies for the protection of institutional data.
• Electronic Media Sanitation and Disposal: defines policies on proper purging of data from electronic storage media before it is disposed of or redeployed, to prevent private or proprietary data from being made available to unauthorized people.
• Generic E-mail Accounts: defines policies for individuals or departments requiring a generic email account on the Metro State email system for multiple user access.
• Hard Drive Encryption Policy: outlines the reasons for encrypting hard drives on all laptops and tablet PCs.
• IT Governance: describes the various committees and other structures that determine how to meet the College’s IT needs.
• Minimal Security Configuration Standards: for computing and communications equipment processing college data.
• Support of Personally Owned Equipment: College IT technicians are not allowed to repair personally owned equipment of faculty, staff or students.
• Unauthorized Use of Computing and Communications Facilities: defines what is unauthorized.
• Use of Academic Computing Services: defines policies for accessing and using the College’s academic computing resources.
• VPN Access to Administrative Computing Resources: defines policies on remote access to College computer resources.

Consult the policy manual for the eight revised policies.