SSL secured session - An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client by using public-key techniques, and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.
SF State is committed to limiting the proliferation of sensitive data and maintaining the security of customer information, including payment cardholder information such as payment card account number, expiration date, and payment cardholder verification number. To uphold this commitment, SF State follows the best practices for protecting payment card information as required by merchant banks and controls recommend by the Payment Card Industry Security Standards Council.
This Practice Directive defines requirements for system change management for San Francisco State University-owned information technology systems, network resources (such as switches, routers and firewalls) and applications.
All information technology systems, network resources and applications owned by San Francisco State University will be administered according to a documented and management approved change control process.
This Practice Directive defines requirements for applications (including software on appliances) developed or deployed (whether on or off-campus) for San Francisco State. This applies to technology purchased, obtained at no cost or custom developed (in-house or by third-parties).
This Practice Directive is applicable to all SF State departments and operational units operating network devices, production servers, academic systems, and academic servers. This document describes San Francisco State University's Practice Directives for analog lines connecting modems to computers.
Computer-to-Analog Line (Modem) Connections
Remote access should occur via secure and approved methods such as VPN rather than via modems wherever possible. Therefore, effective August 1, 2010:
This Practice Directive provides direction and support for managing access to SF State information assets and guidance for granting access to SF State information assets, separating duties of individuals who have access to SF State information assets, conducting reviews of access rights to SF State information assets and modifying users' access rights to SF State information assets.
The P-Card should be the primary means to obtain approved supplies costing $2,500 or less per transaction (including tax and shipping). Cardholders are encouraged to use the Procurement Card for such purchases to achieve cost savings for the university and improve processing time. Use of the P-Card reduces the traditional and labor intensive procurement process for these types of purchases.
SF State University promotes communication among all members of the University community and the public that it serves. To enhance communication, the University is committed to maintaining an online directory that contains current contact information of all current SF State faculty and staff.
Active Directory (AD) is a directory of people, computers, and groups that provides a way to manage security, software and other aspects of the computers. Through the central AD services, Information Technology Services (ITS) is able to provide authentication to the computers participating in the AD using SF State ID, eliminating the need for a separate local or other accounts.