Join now to read essay Abe
Individual Responsibilities
Plans must address requirements for individuals accessing or processing Restricted Data so as to comply with basic responsibilities for campus data in general, as required by the provisions of the DMUP. In particular, Plans must specify requirements to be implemented within departments or units to ensure that individuals will be able to protect Restricted Data. [4] This includes ensuring that:
passwords or other instruments that allow access to Restricted Data are protected;
physical security of computers housing Restricted Data is protected;
logical security of computers, operating systems and applications that house, or provide access to, Restricted Datas is protected;
Restricted Data is removed from computers that are disposed of. [5]
Data Stewardship
Departments/units may be accessing, processing, or storing Restricted Data owned by the campus or by outside entities. The Data may be under their own proprietorship or the proprietorship of another department. Security plans must meet the minimum-security requirements of all relevant Data Proprietors.
Access