Sensitive Data Users
Sensitive Information also includes any other information that is protected by University policy or federal or state law from unauthorized access. Sensitive Information must be restricted to those with a legitimate business need for access. Examples of Sensitive Information may include, but are not limited to, Social Security numbers, system access passwords, some types of research data (such as research data that is personally identifiable or proprietary), public safety information, information concerning select agents, information security records, and information file encryption keys.
The University requires all Users to protect the University’s Sensitive Information by adhering to the Information Security Policy.
When you identify yourself as a Sensitive Data user policies are put into place to help protect your data and your workstations.
- Display lock after 20 minutes inactivity
- Disallow installing new applications without End User Support
- Disallow devices other than printers and UBS drives
- Disallow user impersonation
- Vender Supported OS
- Software patches and updates applied
- Antivirus and Anti-malware installed
- Passed vulnerability scan
- User password policy enforcement
- No local administrator rights (see User Policies)
- Secure physical access
- Full Disk Encryption where feasible