By John Ober, Manager, Infrastructure and Applications Support

The CDL has adopted and published a set of Information Technology Key Security Guidelines & Baseline Supporting Practices, along with a companion System Access and Account Management Policy. The guidelines are available at http://www.cdlib.org/about/policies.html. Thanks are due to the CDL Tech Council and Director’s Cabinet, and the html markup of Eric Satzman’s web production group (notably Craig Thompson).

These security guidelines complement the March adoption of a privacy policy. Enumerating “departmental” level policies, guidelines, and baseline supporting practices for both privacy and IT security that complement existing Federal, State, and University policies allows the CDL to act consistently and confidently in these areas and to respond to related inquiries from the CDL’s constituencies and clients.

Continuing the trend, CDL Executive Director Laine Farley has charged a small group – John Ober, Lisa Schiff, Joan Starr, and Lena Zentall – to develop a departmental Business/Service Continuity and Disaster Recovery framework and implementation plan whose initial results should be available in February, 2012. As with the others, that effort will interpret and extend existing UC and UCOP policies and procedures (see http://www.ucop.edu/riskmgt/emergprep/).