• E-mail Student

    Purpose and Scope


    This Practice Directive defines service offering, policies, requirements and provisions governing the use of Student E-mail Services provided by San Francisco State University.



    Matriculated Students (including CEL students) are eligible for student e-mail services. Graduated students may retain their student account or may request an email account through the Alumni Association.

  • Faculty & Staff Email

    Purpose and Scope

    This Business Practice Directive defines service offering, policies, requirements and provisions governing the use of Faculty and Staff E-mail Services provided by San Francisco State University. SF State supports one enterprise e-mail system providing all faculty and staff with an @sfsu.edu e-mail account for official University communication.


    Faculty and Staff (employees) as defined by Human Resources are eligible for Faculty and Staff E-mail Services.

  • Domain Name System (DNS) and IP Address Management

    Purpose & Scope

    The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the internet. The DNS translates meaningful domain names to the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices world-wide.

    SF State has implemented this Practice Directive because:

  • Distribution Lists


    There has been growing interest in and demand for the use of email as a mechanism for distributing announcements, notices, and other information, to a wide campus audience. The purpose of this document is to outline and define a consistent campus response to such requests.

  • Digital Certification


    SSL secured session - An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client by using public-key techniques, and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.


  • Credit Card Payment Processing and PCI Security

    Purpose & Scope

    SF State is committed to limiting the proliferation of sensitive data and maintaining the security of customer information, including payment cardholder information such as payment card account number, expiration date, and payment cardholder verification number. To uphold this commitment, SF State follows the best practices for protecting payment card information as required by merchant banks and controls recommend by the Payment Card Industry Security Standards Council.

  • Change Control

    Purpose and scope

    This Practice Directive defines requirements for system change management for San Francisco State University-owned information technology systems, network resources (such as switches, routers and firewalls) and applications.

    Practice Directive

    All information technology systems, network resources and applications owned by San Francisco State University will be administered according to a documented and management approved change control process.

  • Analog Modem Security and Requests

    Purpose and Scope

    This Practice Directive is applicable to all SF State departments and operational units operating network devices, production servers, academic systems, and academic servers. This document describes San Francisco State University's Practice Directives for analog lines connecting modems to computers.

    Practice Directive

    Computer-to-Analog Line (Modem) Connections

    Remote access should occur via secure and approved methods such as VPN rather than via modems wherever possible.  Therefore, effective August 1, 2010: