Information and Instructional Technology Services - Longwood University

Campus Links

About Information Security

General Information

Policies & Procedures

Security Awareness

Departments

FAQ

Site Map

View Sitemap

IITS
Coyner Building
201 High Street
Farmville, VA 23909

Voice: 434-395-2034
Fax: 434-395-2035
E-Mail: iits@longwood.edu

News & Alerts

Longwood University Information Security is on Facebook

Report a Security Incident

To report a security incident please send an e-mail to abuse@longwood.edu and include a complete description of the problem.

click for more...

Information Security

434-395-2034
Fax: 434-395-2035
infosec@longwood.edu

Quicklinks

Data Handling Standards
Classification Label	Public	Internal	Restricted
Sensitivity	Low	Moderate	High
Confidentiality	Low	Moderate	High
Description	All university data acceptable for public consumption.	All data used for conducting university business that is not meant for distribution beyond the university. All university data is considered “Internal” until classified otherwise.	All university data for which an unauthorized disclosure may result in identity theft or university liability for costs or damages, under laws, government regulations or contract.
Need to find a data type's classification? See the university data classifications.
Storage
Server		University owned device Not publically accessible	University owned device Not publically accessible
Desktop Workstation, Laptop, USB drive, Handheld, printers, etc.		University owned device	Data owner's approval Encryption required University owned device
Non-electronic data (paper documents, white or black boards, photographs, etc.)		Secure location with appropriate physical controls	Data owner's approval Secure location with appropriate physical controls Labeled at data owner's discretion
Transmission
Campus Mail			Secured and labeled at data owner's discretion
External Mail
Fax
Telephone (POTS)
Other Electronic Transmission (internal and external* e-mail, file transfers, VoIP, etc.)			Encryption required
Disposal
Electronic data	Delete	Delete Redact	Redact Wipe Otherwise make unreadable/unrecoverable (see University Electronic Data Disposal Standards)
Non-electronic data	Recycle	Redact Shred with cross-cut shredder	Redact Shred with cross-cut shredder (see Virginia Administrative Code) Note: Although you may not have a cross-cut shredder, as long as the shredded records are pulped or incernerated, it meets the requirements of the regulations that social security numbers in the records be made, "...unreadable or undecipherable by any means."

Data owners may impose additional security controls/protections needed for a type of data, in addition to the controls required by the classification level.

*External e-mail containing Social Security Numbers (SSN) and/or Credit Card Numbers (CCN) are prohibited.

Revised and approved by CIO, May 2, 2011.
Revised and approved by CIO, September 2, 2011.
Revised and approved by CIO, March 2, 2012.