Information Management

Op12.07-3 Information Management

Definitions

Computing resources: Any physical or virtual component of an information system.

Policy statement

This policy covers University information from its creation or acquisition, to its access, use, communication, storage, and destruction. Standards set by the Information Security unit of Information Services address methods to manage and protect information contained in electronic documents, printouts of those electronic documents, computer databases, software programs, communication systems, information storage facilities, system and data event logs and any other repository under the control of the University.

Information entrusted to Missouri State University will be protected in accordance with the levels established by the Information Classification policy.

Information that is Private or Restricted:

  • Should not be carried on mobile electronic devices or portable unless the data is encrypted.
  • Should not be transmitted to recipients external to the Missouri State University network unless approved by the Custodian of Records.
  • Should not be posted to social networking sites, including those sponsored by the University.
  • Should be stored in an encrypted state for digital information and a physically secure location for printed information.

The Information Security Officer has authority to examine, or authorize examinations of, electronic mail messages, portable storage devices, files on desktops and laptops, web browser cache files, web browser bookmarks and other information stored on or passing through University computing resources when data compromise is suspected.

Each University entity is responsible for following governmental regulations and University guidelines for the retention of data in its control. Violations of this policy may result in disciplinary action.