UCSC ITS Routine System Monitoring Practices
Routine system monitoring activities
Authorized UCSC ITS System Administrators, Network Engineers and Security Analysts who operate and support electronic communications resources regularly monitor transmissions for the purpose of ensuring integrity, reliability and security of these resources and services. Routine monitoring activities at UC Santa Cruz include the following (manual or automated):
- ITS System Administrators and Security Analysts monitor transmissions and transactional data to ensure the proper functioning, reliability, and security of University information technology resources and services under their control.
- ITS Network Engineers and Security Analysts monitor network traffic in the course of maintaining the availability of our networked resources.
- As part of UCSC’s standard IT security incident response procedure, the UCSC IT Security Team is authorized to scan for personal identity information (PII) [1] on any system in response to a security breach or compromise.
- The system steward (or the data owner in the case of a non-shared system) shall be notified before this scan is performed. IT Security will consult with the user/data owner (if known) on scan results indicating potential PII. Scan results must be properly protected and disposed of.
Except as indicated above, user consent is not required for this routine system monitoring.
Also see http://its.ucsc.edu/core_tech/operations/ops_monitoring_charter.php for additional information about routine monitoring of systems/devices that are hosted/administered by ITS.
Related policies and principles
The UC Electronic Communications Policy (UCECP) [2] establishes conditions under which personnel who perform routine monitoring, as described above, may observe or inspect the contents of network traffic, electronic communications, or transactional information during this monitoring. In all cases, individuals must adhere to the following principles:
- Only authorized personnel who have a need to access this data and who understand the restrictions on its use shall have access to it.
- Routine monitoring activities shall be limited to the least perusal and retention required to ensure the reliability and security of systems.
- Except as provided in the UCECP or by law, individuals will not seek out the contents of network traffic, electronic communications, or transactional information where not germane to the foregoing purposes, or disclose or otherwise use what they have observed. If in the course of their duties, authorized personnel inadvertently discover or suspect improper activity in violation of law or policy, reporting of such violations shall be consistent with the Whistleblower Policy (http://whistleblower.ucsc.edu/).
- If it is necessary to examine suspect electronic communications records beyond routine practices, the user’s consent shall be sought. If circumstances prevent prior consent, notification procedures consistent with the UCECP shall be followed.
--------------------------------
[1] See the UCSC Implementation Plan for Protection of Electronic Personal Identity Information for a complete definition of PII: http://security.ucsc.edu/policies/UCSC_Breach_Guideline.pdf
[2] UCECP: http://www.ucop.edu/ucophome/policies/ec/
Rev. 11/2/06