Security Policies, Standards and Procedures
Below is a list of security specific policies governing the use of the university's information systems. For a complete list of W&M IT policies, visit the IT Policies and Standards page.
Information Security Policy
This policy states the codes of practice with which the university aligns its information technology security program.
Acceptable Use Policy for Students
William & Mary students are expected to use the university's information systems appropriately and responsibly. This policy lists the activities which are prohibited and the potential disciplinary actions that the university may impose in response to policy violations.
Acceptable Use Policy for Faculty and Staff
University employees are responsible for the protection and proper use of university administrative data, third party proprietary information, and information systems according to the policy provisions set forth in this policy.
Email Policy
The purpose of this policy is to ensure that this critical service remains available and reliable, and is used for purposes appropriate to the university's mission.Data Classification Policy
This document defines the university's system and data classification scheme and established procedures for protecting critical IT systems and sensitive university data processed, received, sent, or maintained by or on behalf of William & Mary.
Security Awareness and Training Policy
This document defines the university's requirements for administering a comprehensive security awareness and training program.
Access to Electronic Records Policy
This policy establishes the rules and procedures for providing access to electronic records owned by William & Mary, administered by the Information Technology department, and stored on or transmitted by William & Mary owned or leased computers and/or networks.
Questions?
Contact the Technology Support Center (TSC)
757-221-4357 (HELP) | [[support]] | Monday - Friday, 8:00 am - 5:00 pm