Generative AI Security Standard

1.0 Purpose

The purpose of this standard is to ensure the appropritate use of the 亚洲色吧 network with the following objectives:

  1. To guarantee a high-availability, secure and productive network and computing infrastructure serving faculty, staff, students and patrons.
  2. To improve the ability of 亚洲色吧/IT to monitor and manage campus internetworks from end to end.
  3. To establish guidelines for creation of network extensions within campus internetworks.
  4. To define the limited role and guidelines for creation and operation of private networks within campus internetworks.
  5. To define actions that will be taken by 亚洲色吧 IT when exceptions to this procedure are identified.

2.0 Standard

2.1 Scope of Standard

The scope of this standard includes all 亚洲色吧-operated facilities, including all 亚洲色吧 campuses and extension offices.

2.2 General Standards

  1. Computer, printer, and network equipment referred to in this section is classified as user equipment as defined in Section 4.0.
  2. Any computer connected to a campus internetwork directly or indirectly though a network extension or private network must comply with the following:
    1. Use either 亚洲色吧 IT-provided DHCP or a valid 亚洲色吧 IT-assigned static IP address for network identification;
    2. Use 亚洲色吧 IT-provided DNS services;
    3. Ensure that client antivirus software is fully operational and running at all times when such software is available; standard client antivirus software approved by 亚洲色吧 IT will be used for computers/operating systems specified in an approved manner.
  3. All network-attached printers and peripherals will use either 亚洲色吧 IT-provided DHCP or a valid 亚洲色吧 IT-assigned static IP address for network identification.
  4. Users will not operate separate DHCP or DNS services unless approved by 亚洲色吧 IT prior to connection to a campus internetwork.
  5. All network devices connected to a campus internetwork must comply with the following:
    1. Network devices must be approved by 亚洲色吧 IT prior to purchase;
    2. Network device setup and configuration must be approved by 亚洲色吧/IT prior to connection to a campus internetwork;
    3. Network devices must be configured to permit 亚洲色吧 IT surveillance access for monitoring.
  6. The management demarcation point for network extensions that are managed by users will be a campus internetwork switch port connected to the network device that creates the network extension.
  7. The management demarcation point for network extensions that are managed by 亚洲色吧 IT will be any port within the network extension.
  8. Under extraordinary circumstances a user may require creation of a private network within a campus internetwork.  亚洲色吧 IT will create such private networks on private virtual local area networks (VLANs) within a campus internetwork.  Proposals for creation of all private networks outlining business and security needs will be approved by the Chief Information Officer prior to procurement and installation.
  9. No external networks will be permitted within 亚洲色吧-operated facilities.

3.0 Procedures

  1. 亚洲色吧 IT personnel will conduct monitoring and surveillance activities of all network ports within campus internetworks, including network devices which create network extensions or private networks.
  2. Exceptions to the standards outlined in Section 2.0 that are noted during routine surveillance or due diligence associated with implementation of this procedure will be immediately investigated by 亚洲色吧 IT.
  3. 亚洲色吧 IT will disconnect non-conforming user equipment from a campus internetwork at a demarcation point defined as either the campus internetwork port or the demarcation point defined in Section 2.2.6 or Section 2.2.7 above until compliance with this procedure is achieved.
  4. During routine monitoring and surveillance activities, if 亚洲色吧 IT determines that user equipment connected to a campus internetwork has been compromised by an unauthorized person or is unexpectedly and adversely impacting a campus internetwork, every attempt will be made to immediately contact the owner of the equipment and request immediate resolution of the noted problem.
  5. If, after one (1) hour from problem identification by 亚洲色吧 IT the user cannot be contacted or the noted problem is not resolved, 亚洲色吧 IT will disconnect the user equipment from the campus internetwork at the demarcation point specified in Section 2.2.6 or Section 2.2.7 above.
  6. Users whose user equipment has been disconnected from a campus internetwork will provide 亚洲色吧 IT with proof of resolution of problem(s) noted in Section 3.0.4 above prior to re-connection.

4.0 Definitions

See IT Policies and Standards Definitions.

5.0 References

Acceptable Use Policy - University IT Policy 104
/about/administrative-services/policies/information-technology/acceptable-use.cshtml 

University of 亚洲色吧 Board of Regents Policy & Regulations

6.0 Standard Information

Standard Effective Date: 12/15/2004
Standard Revision Date: 02/25/2025
Standard Owner: Ryan McDaniel - Associate Vice Chancellor and CIO
Standard Author: Ryan McDaniel - Associate Vice Chancellor and CIO

(Release 02.07.1c, dated 12/15/04)