Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
As a UMBC staff or faculty member, it is essential that you take appropriate steps to protect University information.
Information Classification
The first step in understanding which devices can be used with which data is to understand the classification of the information you need to use with the device.
The four levels of information classification at UMBC are described through this FAQ: Information Classification at UMBC
Permitted Devices by Information Classification
The way that information needs to be secured depends on the level of the information. The higher the level, the more security needs to be applied. DoIT has created a matrix to outline which types of devices are appropriate to use with certain levels of data. Additionally, the device must match the highest level of information on the device. For example: if a computer is regularly used with Level 1 information and has only a few Social Security numbers on it for a one-time task, the whole device must match the higher Level 2 requirements (due to the SSNs), or the SSNs must be removed from the computer.
It is always better to use a UMBC Owned Device or the UMBC Virtual Desktop Environment for UMBC work whenever possible, even with Level 0 and Level 1 Information.
Level 0 | Level 1 | Level 2 | Level 3 | |
---|---|---|---|---|
UMBC Owned Device | Yes | Yes | Yes** | Yes** |
UMBC Virtual Desktop Environment | Yes | Yes | Yes | No |
Employee Owned Device | Yes | Yes | No | No |
Public Device | Yes | No | No | No |
** The UMBC Owned Devices need to have particular security configurations and tools installed to be able to work with Level 2 and Level 3 information.
For information on using the UMBC Virtual Desktop Environment, please review the following FAQ: UMBC VDE
If you have any questions about devices you want to use or how to classify information, please contact the DoIT Security Department at security@umbc.edu.