The purpose of this policy is to define employee responsibilities regarding the security of data on or viewed via University-owned computer workstations and mobile computing devices.
Individuals with access to Protected data information shall ensure that any and all computer displays for which they are responsible are not visible to unauthorized viewing by others.
Protected data should be kept on a server in the appropriate firewall zone.
Protected data is not permitted to be stored on computer workstations, removable media or mobile computing devices unless encrypted using information security industry standards, currently AES-256.
Care should be taken when registering computers on the network not to place them in a higher security zone than is needed, particularly in the case of computers that will be publicly accessible and/or used by students other than student employees authorized to access Protected data.
This policy pertains to all computer workstations, portable computers, and mobile computing devices owned by Bradley University, whether located on or off campus.