Over the summer, Executive Memorandum 16 (EM 16) — the Policy for Responsible Use of University Computers and Information Systems — was signed by Ted Carter, president of the University of Nebraska system, and went into effect.
Over the next couple of years, Information Technology Services will be working with campus leaders to implement changes because of EM 16 and, ultimately, help improve the security of the university community.
EM 16 serves as the university’s definitive statement on the use of electronic devices, software and information systems within the academic and employment settings of the university. Without an updated safety policy, and with the constantly changing pace of IT, university data and the identities and intellectual property of faculty, staff, and students, would be at increased risk of cyberattacks.
ITS is beginning the process of implementing changes related to EM 16. Here are several changes to be aware of:
- (UNL Only) By the end of this year, all UNL employees will automatically have @unl.edu email accounts created for them. This will help streamline onboarding and offboarding processes for university users to gain and remove access to email. Those current employees who do not have an @unl.edu email account will have the opportunity to request their preferred email address before the Dec. 31 deadline. ITS will be contacting those who are directly impacted by this change.
- Automatic email forwarding from your @firstname.lastname@example.orgemail@example.com email address to an external account (i.e., a Google account) will no longer be allowed. This will ensure that sensitive university data stays within university managed accounts. This will also help lower the impact and spread of data externally should an email account be compromised. Those who currently have automatic external email forwards/email forwarding rules set up will have their forwards removed on Dec. 31. ITS will be contacting those who are directly impacted by this change.
- All university-owned endpoints (desktops, laptops, tablets, mobile devices) will be enrolled in endpoint management when made available by ITS. This means that ITS will be able to deliver appropriate security posture configurations and keep more computer devices updated and patched, leaving them less vulnerable to attacks. ITS will be working directly with college/department technicians to implement this change.
- Security awareness training has proven to be an effective tool at reducing cybersecurity risks to organizations. In accordance with EM 16, annual security training is now required of all newly hired university employees.