November 4, 2005


MEMORANDUM

TO:
UF Deans, Directors and Department Chairs

FROM:
Marc Hoit, Interim Associate Provost for IT
Kathy Bergsma, UF Information Security Manager

SUBJECT:
UF IT Security Incident Response Procedures, Standards and
Guidelines


New state privacy legislation and increased publicity
regarding privacy breaches have prompted the University of
Florida to update the UF IT Security Incident Response
Procedures, Standards and Guidelines [1].  New systems have
been implemented to facilitate tracking and reporting of
security incidents on campus.  New features include requiring
units to provide specific details about the severity of the
incident.  These details drive notification and response
procedures so that the university is compliant with the law.

Authorized unit IT workers can view incident tickets for their
unit on a restricted web site [2].  They can also access
reports describing incident history on the web [3].

It is especially important that IT workers are familiar with
the standard.  It is critical that all employees help the
university provide a unified voice in protecting the security
of our systems and data.

[1] www.it.ufl.edu/policies/security/uf-it-sec-incident-response.html
[2] https://infosec.ufl.edu/cgi-bin/followup/admin.cgi
[3] https://infosec.ufl.edu/cgi-bin/graphing/

 ============================================================
 NOTE: This and other DDD Memos are maintained on the WWW at:
                http://www.admin.ufl.edu/DDD/
       (ALL ATTACHMENTS TO ORIGINAL MEMOS ARE POSTED HERE)
 ============================================================