[an error occurred while processing this directive]

Electronic Media & Portable Devices

CSUB Information Security Policy
Date in Effect: November 2009
Policy Title: Electronic Media & Portable Devices
Reference(s): CSU Information Security Policy, 11.3 - Mobile Devices &
CSU System-Wide Information Security Standards, 12.4 - Data Storage

Electronic media such as CD's, DVD's, Flash Drives, etc. shall not be used for the storage or transport of Level 1* confidential data, as defined by the CSUB Information Security Policy, unless the data are encrypted or biometric security is employed at the device level.

The use of portable devices such as laptops, PDA's, cell phones, etc. shall not be used for the storage or transport of Level 1* data unless the data are encrypted. The University Information Security Officer may, on a case-by-case basis, approve an alternative to encryption of data as a means to protect information assets. Such approval shall be made in writing.


[an error occurred while processing this directive]