Security + Privacy

In order to provide its constituency with secure yet open electronic communications, UC Berkeley, and, by extension, the College of Environmental Design, must protect the physical and logical integrity of its networks, computers, software, and data. There are a variety of potential security threats to these resources, including unauthorized intrusions, malicious misuse, and inadvertent compromises.

Students: If you use a computer in any capacity at the University, you must personally take security measures in a variety of ways and greater detail is available on line.

Faculty/Staff: Please read UC Berkeley Security's IT Policy Overview for new Employees to understand security compliance on campus.

General Security Guidelines

There are some general considerations every user of public computer systems should be aware of:

  • Do not allow someone to borrow and use your Cal1 ID card.
  • You can share your CalNet login name, but do not share your passphrase.
  • Do not store confidential information on, or access your private information from, public or CED electronic devices.
  • Do not store any confidential data on public or CED-supported systems.
  • Do not open unexpected email attachments or trust unknown web or email sources.
  • Do not send sensitive information via unencrypted email.
  • Encrypt sensative data.
  • Keep critical software up to date with current security patches and virus protection.
  • Do not post information on social media that answers your security questions.
  • Use "private browsing" when accessing sites with cookies that you do not want and consider using tracking blockers.
  • Be careful with geotagging photographs.
  • Check security settings periodically.

LinkedIn Privacy Settings

  • Click on the lock (top-right on screen) and run the privacy checkup.
  • Review all the settings, but especially:
    • Content of your public profile
    • Who can see your connections
    • Sharing with third parties

Facebook Privacy Settings 

  • Run the privacy checkup and review settings, but especially
    • Application connections
  • View your profile as it appears to others and look for information you do not want to share
  • Review linkages to other services (Twitter, Instagram, etc.)

Twitter Privacy Settings

  • Click on your photo
    • View your profile to see how it looks to others
  • Click on security and privacy
    • Review all settings, but especially
      • Tweet privacy controls (can your tweets be viewed publically)
      • Phtot tagging, tweet privacy and locations
      • Linkages to other services (Facebook)

Student Computer Logout Policy

Despite our requests to not use CED computers as personal devices, we are aware that many CED students do so anyway. Routinely, students walk away from these computers while still logged in; a security exposure that can lead to serious consequences for the User and CED. CED is in a position of responsibility to ensure that restricted student data is secure according to State and Federal law and campus policy; as a result, Computer Labs and Satellite areas have a twenty (20) minute logout policy. 

After twenty (20) minutes of user inactivity (mouse or keyboard use) CED student computers will automatically log Users out.

A reminder pops up at the two (2) minute mark.
Save data prior to leaving CED computers.
All unsaved data will be lost at log-out.

Attempting to circumvent this log-out policy is considered a serious security breech and will have negative consequences including loss of privileges, notification to the Department, and depending upon the severity reporting to the Center for Student Conduct.