What are the guidelines for storing level 0 - 3 data?

 

  1. See the Guideline for Data Handling.

  2. The following table provides a definition of each data level, 0 - 3, and basic examples for each.

  3. The following table provides a more detailed overview of what data, from 0 - 2, can be included in different systems and equipment. Data belonging to multiple classification levels must be treated according to the highest level of sensitivity.

      SERVICE

    0

    1

    2

    COMMENTS

    UNC Charlotte Owned Workstations, Laptops, Tablets, other devices

     

    No level 2 or 3 data can be stored here.

    Mobile devices must have additional security configurations in place if storing level 1 data.

    Publicly Accessible Kiosks and Workstations

     

     

    No level 1, 2, or 3 data can be stored here.

    Personally Owned Workstations, Laptops, Tablets, other devices

     

     

    No level 1, 2, or 3 data can be stored here.

    See the Guideline for Mobile Devices for additional guidance.

    OneIT-Provided Network Drives (H, J, S, etc.)

    No level 3 data can be stored here. Level 2 data can be stored here only if additional security is in place such as limited access and/or encryption.

    UNC Charlotte Email

    No level 3 data can be sent via email. Level 2 data is permissible if designated email recipients are authorized to view the data and no recipients’ addresses are outside the university email system.

    UNC Charlotte Google Drive

    No level 3 data can be stored here.  Level 2 data can be stored here only if additional security is in place such as limited access. Level 2 data should not be synced to your desktop, laptop, or mobile device.
    University Dropbox account

    No level 3 data can be stored here.  Level 2 data can be stored here only if additional security is in place such as limited access.  Level 2 data should not be synced to your desktop, laptop, or mobile device.
    UNC Charlotte OneDrive No level 3 data can be stored here.  Level 2 data can be stored here only if additional security is in place such as limited access.  Level 2 data should not be synced to your desktop, laptop, or mobile device.

    Public Cloud Storage Sites (i.e., non-University provided cloud storage)

     

     

    No level 1, 2 or 3 data can be stored here.

    UNC Charlotte websites (including Drupal offering, departmental websites, WIKIs, etc.)

     

     

    No level 1, 2 or 3 data can be stored here.
    UNC Charlotte Canvas No level 3 data can be stored in Canvas.  Level 2 data is permissible if designated viewers/recipients are authorized to view the data and no recipients are from outside the university system.

    UNC Charlotte owned portable electronic storage media, such as USB devices, CD/DVD, or external hard drives.

     

    No level 2 or 3 data can be stored here. 

    Portable storage media must have additional security configurations in place if storing level 1 data.
    UNC Charlotte Perceptive Content Level 3 data can be stored here in compliance with the Imaging Access & Data Storage Standards and the Guideline for Data Handling.  Access to this data is tightly controlled via specific permissions and management authorization.  Restrictions for other services should be followed when using email and download actions.
    UNC Charlotte DocuSign Level 3 data can be stored here in compliance with the Guideline for Data Handling.  Access to this data is tightly controlled via specific permissions and management authorization.  Restrictions for other services should be followed when using email and download actions.

NOTE:  If you have questions about the data levels, please contact your Data Security OfficerInformation Security Liaison, or the Information Security Compliance Office.

 
Print Article