Data Management and Storage Resources

Summary

Provides references to campus standards, procedures, and guidelines for data management and storage resources.

Body

Properly securing, managing, and storing data is an essential part of our security profile at Chico State.

Here are resources to help you securely manage and store sensitive data as well as information on the policies, standards, and practices campus personnel need to follow.

CSU Policy and Standards

Our data handling practices are governed by CSU policy and standards. Please see the following. CSU Information Security Policy and Standards: 
https://calstate.policystat.com/policy/11773867/latest/#autoid-wj2jx

Data Classification and Protection Standards

Data is classified in three levels. Data handling practices can vary based on the classification level. Level 1 is confidential data and is the most restricted, Level 2 is internal use data and is also restricted, Level 3 data is general and can be made publicly available. Data Classification and Protection Standards.

Data Privacy Policies and Standards

Chico State respects the privacy of faculty, staff and students, and is committed to protecting it by complying with CSU system-wide information security and privacy policies, and as subject to applicable state, federal - and increasingly - global policies through the European Union's General Data Protection Regulation (GDPR) standard. Data Privacy Policies and Standards: https://www.csuchico.edu/isec/privacy-policy-page.shtml

Data Security & Records Retention

Data needs to be properly secured based on its content and data classification level. Records need for follow the Records Retention Schedule or retention and disposal. Records Retention and Disposition Schedule: https://www.csuchico.edu/registrar/records-retention/index.shtml

Device Sanitation and Disposal

Devices that store data such as workstations, tablets, and USB drives need to be properly sanitized and disposed when they are transferred or marked for sale or destruction. Electronic Device Disposal and Transfer Procedures : https://support.csuchico.edu/TDClient/1984/Portal/KB/ArticleDet?ID=8732

Secure File Storage and Sharing

Information on how to properly store and share data at Chico State is available on the following site. Data storage and Sharing: https://www.csuchico.edu/isec/data-protection/index.shtml

Mobile Device Security

Best practices and information on how to properly secure mobile devices is available on the following site. Mobile Device Security: https://www.csuchico.edu/isec/resources/mobile/mobile-device-security.shtml

Annual Access Review

Access to Level 1 data needs to be reviewed annually to decide to continue to allow access or to remove access that is no longer needed.

CSU Access Control Standard (Annual Access Review requirement): https://calstate.policystat.com/policy/11773867/latest/#autoid-mekjg  

Report a Security Incident, Unauthorized Access, or Data Leak

Contact the IRT Information Security Office to report a security incident, unauthorized access, or data leak. Report a Security Incident, Unauthorized Access, or Data Leak: https://support.csuchico.edu/TDClient/1984/Portal/Requests/ServiceDet?ID=10202

Information Security Office (ISEC)

For information security questions, consultation, or assistance, contact the Information Security Office by emailing isec@csuchico.edu or by submitting a ticket to isec-help@csuchico.edu

More information can be found on our website: https://www.csuchico.edu/isec/

Details

Details

Article ID: 113529
Created
Fri 4/14/23 7:48 PM
Modified
Wed 11/15/23 7:02 PM