Rutgers University's information technology resources provide faculty, staff, students and guests with access to the digitized world of data communications. The University is committed to establishing and maintaining a safe, secure computing environment that supports its mission of teaching, learning and service to the state. To that end, the University has set policies to ensure the integrity of its infrastructure, the security of its data and the efficient and ethical use of its resources.
All members of the University user community are responsible for adhering to the policies and guidelines listed below. In addition to the University-wide policies there may be supplemental local policies in specific areas; users should check with their respective department administrators. This is a focused list of University Policies that relate to computing and information technology; the full list is available at the University Policy Library.
University Policy Library
70.1.1 Acceptable Use Policy for Computing and Information Technology Resources
This policy outlines the standards for acceptable use of university computing and information technology resources which include, but are not limited to, equipment, software, networks, data, and telephones whether owned, leased, or otherwise provided by Rutgers University.
50.3.7 Copyright Policy
This policy sets forth the rights and responsibilities of the university, its faculty, students, and employees in their roles as members of the university community in creating and using copyrighted works.
30.4.5 Records Management
This document provides the policy framework for the University's goal to achieve the efficient management of its records, regardless of their form or medium.
50.3.11 Gramm-Leach Bliley (GLBA) Information Security Policy
This policy details the position of the university to provide safeguards to protect information and data in accordance with the Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA).
50.3.12 Red Flag Detection and Reporting Policy
The Red Flag Detection and Reporting Policy for Rutgers, The State University is designed to comply with regulations issued by the Federal Trade Commission to combat identity theft pursuant to sections 114 and 315 of the Fair and Accurate Credit Transactions Act.
50.3.9 Safeguarding Personal Information; Identity Theft Compliance Policy
This policy is to assist in both the prevention and detection of identity theft by outlining guidelines for collecting, retaining, and restricting access to personal information.
30.4.3 Surplus Property
This document provides guidelines for the transfer, storage, disposal, or sale of surplus University assets including all computing equipment in order to ensure compliance with all grant/contract sponsors' and/or the University's requirements.
60.4.11 Telecommuting Policy
This policy relates to telecommuting personnel and the computing equipment utilized for this purpose.
70.1.2 Information Classification Policy
This policy outlines the standards for classifying information at Rutgers, The State University of New Jersey. Classification categories (Restricted, Internal and Public) are provided and defined in order to ensure protection of University data is consistent with all applicable laws and regulations, particularly with respect to protected health information.
70.1.5 World Wide Web Accessibility Policy
This policy establishes standards for the accessibility and usability of web-based information and services to ensure compliance with applicable local, state and federal regulations and laws.
Guidelines and Standard Operating Practices
Agreement for Accessing University Information
Many faculty and staff have functions and responsibilities that require them to access information while supporting the university's functions of education, research, and service. This agreement document outlines the scope of the respective individual's responsibilities.
Authentication Standard (DRAFT)
The purpose of this standard is to identify authentication controls and processes so that both central and distributed units can apply a consistent authentication model.
Camden Computing Services Policies
Link to a list of Camden Campus specific computing policies for their user community.
Contract Addendum Concerning Protected Information
This addendum covers service provider contracts. It states that the service provider agrees that it will protect the Covered Data and Student Financial Information it receives from Rutgers in compliance with the laws and regulations that protect it.
Guidelines for Use of Email for Official Purposes
These guidelines are for using email to communicate with large numbers of people (over 50) for official University purposes.
IT Security Guidelines for Domestic and International Travel
Provides IT security guidelines and best practices when traveling with electronice devices.
Minimum Security Standards for Electronic Devices
These security standards are mandatory requirements, and establish an effective baseline of appropriate system, administrative, and physical controls to apply to data based upon its classification.
New Brunswick Campus Computing Lab Usage Guidelines
This document defines Computing Lab regulations governing use restrictions for university equipment.
Residential Networking (ResNet) Guidelines
Students using computers in their rooms connected to the Rutgers Network must follow rules regarding computer usage; this list details the guidelines.
Rutgers University Higher Education Opportunity Act Plan (HEOA)
This page outlines Rutgers plan to comply with the Higher Education Opportunity Act (HEOA) which covers copyright and intellectual property rights.
Security Best Practices
The website of Information, Protection and Security division of the Office of Information Technology contains information about relevant policies and laws as well as security best practices.
Telecommunication Division Guidelines
These guidelines cover telecommunications areas including network bandwidth, host removal, switch access, address space, video, etc.
SSN Disclosure Statement
This document explains the Office of Information Technology's use of social security numbers.