Re: Data Classification

[Robert Smith <Robert.Smith () UCOP EDU>]

Hello,

Our Standard and Guide are on-line:
https://security.ucop.edu/policies/institutional-information-and-it-resource-classification.html

Have a delightful day,
Robert Smith, CISSP, PMP
University of California Office of the President
(510) 587-6244 (o)
robert.smith () ucop edu<mailto:robert.smith () ucop edu>


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Ullman, Catherine
Sent: Friday, August 30, 2019 12:26 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Data Classification

Hi Marty,

Here is our data classification policy:

http://www.buffalo.edu/administrative-services/policy1/ub-policy-lib/data-risk-classification.html

The chart found here: 
http://www.buffalo.edu/ubit/information-for-it-staff/information-security/minimum-security-standards.html  is meant to 
help clarify the risks for a variety of risks and provide some guidance on what needs to be done to secure the data.

I hope that helps.

Best,
Cathy


Dr. Catherine J Ullman
Senior Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Marty Leidner
Sent: Friday, August 30, 2019 2:50 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Data Classification


Good Afternoon



We at Rockefeller University are considering how to move forward with the elusive goal/initiative of data 
classification, and would like to see how others are addressing this. I would greatly appreciate if you could respond 
to this brief survey. I will be happy to share the results with anyone who is interested:



 1. Do you have a data classification policy on your website or intranet?

 2. Do you use any tools to enable your user community to classify their data? If so, which ones? These could be 
enterprise tools, or even basic  tools that are built into other applications or platforms (e.g. Office365, Box, etc.) 
3. Do you enforce this policy, or in any way require data to be classified?



Thanks , and I wish everyone a wonderful labor day,

Marty

,

Thank You,

Marty Leidner,  CISSP
Chief Information Security Officer
The Rockefeller University
Information Security
212-327-7372
http://it.rockefeller.edu/information-security
Protector of the cyber realm




**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community