Policies

  • Network

    Purpose & Scope

    All users (faculty, staff and students) using the university network must follow University-defined processes and use University-managed network devices and wireless access points. All changes to the campus network services are made by Information Technology Services (ITS).

  • E-mail Student

    Purpose and Scope

     

    This Practice Directive defines service offering, policies, requirements and provisions governing the use of Student E-mail Services provided by San Francisco State University.

    Eligibility

     

    Matriculated Students (including CEL students) are eligible for student e-mail services. Graduated students may retain their student account or may request an email account through the Alumni Association.

  • Faculty & Staff Email

    Purpose and Scope

    This Business Practice Directive defines service offering, policies, requirements and provisions governing the use of Faculty and Staff E-mail Services provided by San Francisco State University. SF State supports one enterprise e-mail system providing all faculty and staff with an @sfsu.edu e-mail account for official University communication.

    Eligibility

    Faculty and Staff (employees) as defined by Human Resources are eligible for Faculty and Staff E-mail Services.

  • Domain Name System (DNS) and IP Address Management

    Purpose & Scope

    The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the internet. The DNS translates meaningful domain names to the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices world-wide.

    SF State has implemented this Practice Directive because:

  • Distribution Lists

    Background

    There has been growing interest in and demand for the use of email as a mechanism for distributing announcements, notices, and other information, to a wide campus audience. The purpose of this document is to outline and define a consistent campus response to such requests.

  • Digital Certification

    Definitions

    SSL secured session - An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client by using public-key techniques, and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.

     

  • Credit Card Payment Processing and PCI Security

    Purpose & Scope

    SF State is committed to limiting the proliferation of sensitive data and maintaining the security of customer information, including payment cardholder information such as payment card account number, expiration date, and payment cardholder verification number. To uphold this commitment, SF State follows the best practices for protecting payment card information as required by merchant banks and controls recommend by the Payment Card Industry Security Standards Council.

  • Change Control

    Purpose and scope

    This Practice Directive defines requirements for system change management for San Francisco State University-owned information technology systems, network resources (such as switches, routers and firewalls) and applications.

    Practice Directive

    All information technology systems, network resources and applications owned by San Francisco State University will be administered according to a documented and management approved change control process.