University of Pennsylvania Vice President of Information Technology & University Chief Information Officer Tom Murphy approved a consolidation of IT Security related policies into an IT Security Policy and IT Security Standard. Effective immediately, the new policy and standard replace the following policies:

• Computer Security Policy
• Information Systems Security Incident Response Policy
• Mobile Device Encryption Policy
• Web Application Security Policy
• Policy on the Definition of a PennName
• Policy on PennNames Compliance
• Policy on Requirements for Authenticated Access at Public Jacks, Kiosk, Wireless Networks, and Lab Computers on PennNet
• Policy on Server-Managed Personal Digital Assistants (PDS’s)

The consolidation, while not introducing any substantial new requirements, modernizes and clarifies requirements for managing and securing Penn information technology infrastructure.

The IT Security Policy and IT Security Standard may be accessed at:

https://www.isc.upenn.edu/ITPC/sec-standards
https://www.isc.upenn.edu/ITPC/security-policy

Questions regarding the IT Security Policy and IT Security Standard may be addressed to Nick Falcone, executive director of Information Security & University Information Security Officer, nfalcone@upenn.edu.

—Information Systems and Computing