Information Security Standards



Portable computing devices are becoming increasingly powerful and affordable. Their small size and functionality are making these devices more desirable to replace traditional desktop devices in a wide number of applications. However, the portability offered by these devices may increase the security exposure to individuals using the devices.


This procedure applies to all portable information resource devices that process, contain, or have direct access to confidential information. The purpose of this procedure is to provide a set of measures that will mitigate information security risks associated with portable computing. The intended audience is all users of University information resources.


1. Where appropriate, portable computing devices shall be protected from unauthorized access by using passwords or other means.

2. All confidential or sensitive University data stored on portable computing devices, including laptops, tablets, and external storage media shall be encrypted.

3. All remote access (VPN, Remote Desktop, etc.) to University resources containing confidential information shall utilize encryption techniques when connecting from an Internet Service Provider (ISP).

4. Confidential or sensitive University information shall not be transmitted via wireless connection unless encryption methods are used.


Last Updated March 31, 2014