Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: data classification

From: Ted Frohling <tsf () MS TELCOM ARIZONA EDU>
Date: Wed, 28 May 2003 08:00:51 -0700
Thanks for this information Mark.

ted


Bruhn, Mark S. wrote:

IU's data access and classification policy is at
http://datamgmt.iu.edu/.

Essentially, we have the same three classifications:  restricted (by
legal or ethical reasons, accessible by only employees whose job
requires access), University internal (accessible by any employee), and
public.  Similar to Georgetown, a Committee of Data Stewards is
operationally responsible for this policy and enforcement.  We have a
higher level committee as well, Committee on Institutional Data, which
discusses overall institutional philosophies related to data.  The key
is that functional offices are responsible for data policy, and the IT
people work with them to decide (and at times strongly suggest :)
necessary protections.

M.



--
    Ted Frohling (TF30-ARIN)                   The University of Arizona
    520.621.4834     Security Incident Response Team       CCIT Room 126
    tsf-at-Arizona.EDU  CCIT - Network Operations          PO Box 210073
    www.Telcom.Arizona.EDU/tsf                     Tucson, AZ 85721-0073

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: