Search This Site


Main menu

Substantive Change: University Data Protection Standard

Wednesday, January 11, 2023 - 09:30

The standard, University Data Protection Standard, removed the two exceptions, one for vulnerability scanning (Exception 268)  and one for periodic scanning for Highly Sensitive Data (HSD; Exception 230).  The requirement for periodic scanning for HSD was removed in the Highly Sensitive Data Protection Standard for Individual-Use Electronic Devices or Media standard.  Technical requirements, including whole disk encryption for individual-use devices on the HSVPN, replaced the requirement for periodic scanning for HSD on such devices. 
The requirement for networked-device vulnerability scans must be performed and remediated per the requirements in the Security of Network Connected Devices standard 

Reviewing carefully the revised standard is highly recommended.


Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form