The University has established principles, policies, standards, guidelines, and procedures to safeguard IT systems, protect the privacy of students and staff, and comply with contractual requirements and legislation. These must be followed at all times.
UCD Enterprise Architecture Principles
| A set of UCD Enterprise Architecture Principles have been approved by the UMT to inform, guide and govern the design and deployment of applications and technologies across the University. Alignment with these principles is a requirement for all initiatives, from local solutions in individual schools and units, to centrally-managed enterprise platforms deployments. Also see Enterprise Architecture, for how EA supports IT solution decision making within IT Services and across the University. |
UCD IT Policies
|
|
This policy sets out University standards for the creation of strong passwords, the frequency of change and reuse of those passwords, and the protection of those passwords |
|
|
The purpose of this policy is to safeguard Personal Data and Confidential University Information from being exposed to threats through the use of unprotected and unsecured devices. This policy seeks to reduce the risk of an information security related incident from a device being lost, stolen, used or exploited in such a way to take unauthorised advantage of Personal Data or Confidential University Information. |
|
|
The purpose of this Policy is to provide all those who use the University’s IT Resources with clear guidance on the acceptable, safe, respectful and legal way in which they can use the University’s IT Resources. This Policy is designed to ensure that the University can offer the widest possible range of IT systems and network resources to UCD’s community in a way that is compliant with data security and data protection and is not intended to limit use of the University's information services |
| This policy deals with the acceptable use and the controls required for receiving, processing and storing information in respect of all card receipts accepted and refunds made by the University. |
|
| This policy sets out how the University responds to exceptional requests outside of standard business practices, to authorise a person or party access to “Data” held in any University supported IT service or University owned device, whether it is provided directly by a University unit or is managed by a third party on behalf of the University. |
IT Standards
| UCD IT Services Standards for generation of UCD Email addresses |
This document is an outline of how UCD email addresses are generated and what the process is to request a change to an email address. |
| Standards for remote access to the University’s IT Resources. |
|
| A library set of Technical Standards is provided to help ensure that applications and technologies being purchased or developed adhere to the EA Principles. The Technical Standards should be adopted and adapted as required. |
|
| The purpose of this Third Party Application Integration policy is to provide clear guidance on factors that must be addressed if an integration of a Third Party Application with an existing UCD IT System is to be considered. The policy also outlines the principles that will guide the decision-making and approval processes. |
IT Guidelines
|
|
|
|
|
Before considering a cloud computing service or engaging a cloud service provider, you should be satisfied with the reputation of the cloud provider and that their security standards are sufficient and appropriate. |
| The purpose of this questionnaire is to ensure that the Cloud Service Provider have appropriate IT security controls in place to help protect the availability, confidentiality and Integrity of the University Information as required in Article 32 of the General Data Protection Requirements. |
|
|
|
The purpose of this document is to define the IT Security Review Process to clarify when a review is needed, how it is undertaken and who needs to be involved. |
| How to protect your Laptop and Desktop |
|
| Device Encryption, Secure Network Access, and File Level Encryption |
|
| Strong Passwords, Phishing, Protecting your Data, Top Security Tips |
|
| The purpose of this guide is to help Website administrators to secure their website and develop a response plan to deal with a website hacking or malware incident. |
IT Procedures
| The IT Services Technical Design Authority reviews and approves proposed changes based on an assessment of technical solution , security, risks, architectural alignment, and support. *IT Services access only |
|
| IT Account (and the services thereof) eligibility Also see IT Services entitlements (Service Entitlement Matrix) |
|
| This purpose of the procedure is to define the roles, responsibilities and the process for the investigation and response to IT security incidents |
|
| Response procedures to manage accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. |
|
| The purpose of this document is to focus on the IT Security related policies, to align the policies, procedures and guidelines that are needed to govern IT Security in University College Dublin. The Framework is reviewed and updated on a regular basis or as required by Legal, Regulatory, technical, or administrational needs. |
|
| How to Register your device on the UCD network |
UCD IT Services
Computer Centre, University College Dublin, Belfield, Dublin 4, Ireland.Contact us via the UCD IT Support Hub: www.ucd.ie/ithelp