Electronic information and printed information from electronic stores, entrusted to Missouri State University, will be protected in accordance with the levels established by the Data Classification policy. Information in Levels 3-5 of the Data Classification policy can be carried on mobile devices or transmitted only if encrypted. Exceptions to this must be approved by the Information Security Officer (ISO). Information in Levels 2-5 must not be posted to social networking sites, including those sponsored by the University.
This policy covers University information from its creation or acquisition, to its access, use, communication, storage, and destruction. Standards set by the Information Security Unit of Computer Services address methods to manage and protect information contained in electronic documents, printouts of those electronic documents, computer databases, software programs, communication systems, information storage facilities, system and data event logs and any other repository under the control of the University.
The Information Security Officer reserves the right to examine, or authorize examinations of, electronic mail messages, portable storage devices, files on desktops and laptops, web browser cache files, web browser bookmarks, and other information stored on or passing through University computing resources when data compromise is suspected.
Each University entity is responsible for following guidelines that the University has developed or from governmental regulations for retention of data in its control. Disciplinary action may be taken when this policy is not followed.
Reason or Purpose for Policy
Members of the University community must be confident that the information they provide is maintained securely.
Entities Affected by this Policy
All entities contained in or under the direction of the Missouri State University system.
Line of Authority
- Responsible Administrator and Office: Chief Information Officer (CIO)
- Contact Person in that Office: Information Security Officer (ISO)