Purpose

This policy is designed to enhance Kean University’s cybersecurity by restricting the forwarding of university emails to external email systems. This measure is critical to safeguarding sensitive information, ensuring compliance with university data protection standards, and aligning with Kean University’s overall cybersecurity strategy as outlined in the Board of Trustee’s 2022 policy documents. 

Scope

This policy applies to all Kean University employees, student workers, contractors with access to the University's email system. 

Policy Statement

Email Forwarding Restrictions

• Users are strictly prohibited from configuring University email accounts to automatically forward emails to external email systems. 
• Manual forwarding of University emails to external email systems is also prohibited.

Exceptions

Exceptions to this policy may be granted on a case-by-case basis. Requests for exceptions must be submitted in writing to the IT Department and will be reviewed by the Chief Information Officer (CIO), a delegate of the University Cabinet, Chief Legal Counsel, and the Vice President of Research. Approved exceptions will be documented, monitored, and periodically reviewed for compliance. 

Review and Revision

This policy will be reviewed annually by the IT Department and updated as necessary to ensure its effectiveness and relevance to evolving cybersecurity risks. 

Responsibilities

• Users: Adhere to the policy and report any suspected violations to the IT Department.
• IT Department: Implement and enforce this policy, review exception requests, and conduct annual policy reviews. 
• VP of IT (CIO/CISO): Oversee the policy's implementation and enforcement, approve exceptions, and ensure compliance. 

Contact Information

For questions or concerns regarding this policy, please contact the IT Department’s VP at [email protected].