Date Issued


Document Type



Protecting University Data is a shared effort. Individuals with access to University Data are responsible for accessing, storing, and processing data on systems that have appropriate security controls in place for the class of data. Individuals should consult with the IT Department to determine the best way to access, store, and use their data, particularly for more sensitive data.

This document defines the minimum security standards required for any Electronic Device (defined below) or cloud service that may be used to access, store or process (input, output, transmit, receive, display, calculate, etc.) Sensitive Information (defined below) owned or used by the University. More specific security standards may be established unde other University policies and applicable laws and regulations.

Applies to all active members of the University community, including faculty, students, staff, and affiliates, and to authorized visitors, guests, and others for whom University technology resources and network access are made available by the University. This policy also applies to campus visitors who avail themselves of the University's temporary visitor wireless network access, and to those who register their computers and other devices through Conference and Event Services programs or through other offices, for use of the campus network.

Responsible Party

Information Technology