Information Security Policies and Standards

Know your rights and responsibilities concerning the proper and ethical use of technology on campus by reading the policies, standards and guidelines set down by federal, state and UCF policymakers on our IT Policies, Security Standards and Guidelines page.

University Policies

University-wide policies, including those relating to IT, security, and compliance, can be found at

Security Standards

101 Multi Function Device (MFD) Standards


All who have access to use a networked university Multi-Function Devices (MFD) have the responsibility to ensure the overall security of the data and documents it processes. Members of the university using or administering MFDs should comply with the Data Classification and Protection policy (4-008) and the standards set forth in this document.

101 Multi-Function Device (MFD) Standards

102 Computer Standards

General standards for workstations and mobile devices in compliance with UCF security policies and best practices.

104 Server Security Standards

Standards for server security in compliance with UCF security policies and best practices.

501-101 Password Standards


Passwords are the most frequently utilized form of authentication for accessing a computing
resource. Due to the use of weak passwords, the proliferation of automated password-cracking
programs, and the activity of malicious hackers and spammers, they are very often also the
weakest link in securing data. Greater risks require a heightened level of protection. Passwords
must therefore follow these standards.


State and Federal Policies and Guidelines

  • Florida Computer Crimes Act
    Computer users shall comply with all applicable user conduct codes and rules, laws, and regulations governing the use of computer and telecommunications resources under Chapter 815, Florida Statutes, Computer Crimes Act.
  • The United States Code
    This is a current copy of the US Code if there is a specific federal law you want to visit.
    Family Educational Rights and Privacy Act.
  • DMCA
    Digital Millennium Copyright Act contains legislation concerning the circumvention of copyright protection systems, fair use in a digital environment, and online service provider liability.
    The Health Information Portability and Accountability Act.


Request further information or send your feedback to