Security Policy: Restricted Elements
The Ohio State University
Department of Electrical & Computer Engineering
search button

Security Policy: Restricted Elements

Required Compliance with OSU and College of Engineering Policies and Standards

All systems within ECE must meet the standards and policies set by the University and by the College of Engineering. This includes, but is not limited to:

  • MCSS - which dictates minimum standards for host-based security: local firewall, up-to-date Operating Systems including all security patches, anti-virus, anti-malware, and good passwords.

  • CoE Encryption Policies - which dictate that all systems which have, or may have, restricted elements must be encrypted.

  • OSU Institutional Data Policy - http://cio.osu.edu/policies/institutional_data/

Removal of Restricted Elements

All ECE personnel (faculty, staff and others) will remove all Restricted Elements from their possession wherever they are able to do so within the constraints of their jobs.

Restricted Elements that must be removed most specifically include, but are not limited to:

  • Social Security Numbers - SSNs were printed on class rosters, grade reports and several other University documents until very recently. All instances of such data must be addressed.

  • Class Rosters and Grade Reports - All documents which contains student enrollment information are considered Restricted Elements, even when these documents do not include SSNs, and as such must be addressed.

Removal may take the form of secure deletion/destruction of the item that contains the element, or the redaction of said item such that the element is removed, whichever is appropriate.

The deletion of electronic files that contained restricted elements should be done with a "shredder" program such as that contained within PGP for Windows.

For the identification and removal/redaction of electronic files bearing SSN or restricted information, the Site staff may be able to provide some assistance, but the responsibility for the data belongs to the person who maintains the data.

Note Bene: this policy applies to both electronic data and physical items such as paper, backup tapes, CDs and DVDs, floppy drives and so on. Where appropriate, physical items should be redacted or destroyed. Those which items that remain must be physically secured to the extents mandated by University Policies and State Law.

Secure Use of the ODS

All ECE personnel who have access to the ODS are required to follow University guidelines in connecting and using those resources. Site personnel may assist in the configuration and maintenance of such connections.

Encryption

All systems that have or may have Restricted Elements must have their hard drives encrypted. By CoE policy this includes the systems of all Faculty, Staff, Research Scientists, and TAs. As needed it may also be extended to research laboratory machines where such systems are known to be used by students as part of their TA (or related) duties.

All mobile systems must have their hard drives encrypted.

Any exceptions to the above must be approved by the Department's Computing Committee, the Department Chair, and the College.

Anyone who wishes to have their systems encrypted, even if it does not necessarily require it as defined above, may voluntarily do so (please send a note to Site for assistance).

All Mac OS X systems which qualify above, must have FileVault turned on for all user accounts.

All Windows systems which qualify above, must have PGP Whole Disk Encryption applied.

All Linux systems which qualify above, must have their disks encrypted. The mechanism for this will be determined on a case-by-case basis, but will most likely be the native solution of the OS. IE: dm-crypt, cryptoloop, etcetera.

The Site staff is available to perform all encryption-related operations.

 

 
Department of Electrical & Computer Engineering Contact Webmaster
Site Map