Data is a critical asset of the university. It is the policy of the University of Central Florida to classify types of data in use at the university and to provide the appropriate levels of information security and protection.
University Data falls into three classifications: Highly Restricted Data, Restricted Data, and Unrestricted Data. UCF Policy 4-008 further details the classifications and the procedures for how to properly store, handle, and protect University Data. Below is a Data Classification Matrix, that illustrates where it is appropriate to store UCF Data electronically.
Please refer to UCF Policy 4-008 for full details and contact UCF InfoSec if you have any questions or concerns about how to protect University Data.
QUICK links
Data Classification Matrix
Data Classification | Examples | Approved Storage | Additional Requirements |
---|---|---|---|
Highly Restricted |
|
UCF sanctioned internet cloud data storage systems
|
|
University-provided email system
|
|||
Secure UCF Server
|
|||
UCF-Owned End User Devices
*When stored on these devices, the data must have file-level encryption with access protected by a strong password (in addition to the full disk encryption.) |
|
||
Restricted |
|
Any approved storage for Highly Restricted or Restricted Data | |
UCF-owned workstations or mobile devices |
|
||
University-provided email system |
|
||
Unrestricted |
|
Any storage approved for Restricted or Highly Restricted Data | |
Can be posted on any public website, blog, or other publicly-accessible Internet site. |