September 1, 2004
 

This policy establishes conditions to aid in securing campus computer systems and the campus network from unwanted access, damage, and theft.
 

This policy is implemented on all computers used at the UW-La Crosse campus.
 

Campus computer systems are vulnerable to unwanted access either physically, if left unattended in an accessible location, or via the network. In order to reduce the risk of campus computers being used, damaged, or taken by unauthorized individuals from within or outside the university, a number of security measures must be followed.
 

Computer users on campus should take the following steps to aid in protecting University owned computer systems and the campus network:

• Campus computers, especially portable computers, shall not be left unattended or unmonitored in an unsecured area. When necessary, computers should be physically secured to prevent unauthorized access and removal.

• Operating systems and designated network-related software (e.g., web browsers, email clients, network utilities) must be updated to maintain currency. Automatic update should be used if available.

• Antivirus software will be installed and updated regularly on campus computers.

• Campus computer systems must have authentication.

• Campus computers should take full advantage of built in operating system security features such as firewalls.

• ITS can monitor the campus network for security policy compliance.

Not following this policy greatly increases the vulnerability of campus computers and the campus network to unwanted access and damage via internal and external sources. When possible, a warning about necessary compliance will be issued to those in violation of this policy. Repeated noncompliance will result in unsecured computer systems being disconnected from the University's network.