This section establishes the standards and procedures for end users who are connecting a personally-owned device to a University System of Georgia (USG), which includes the 30 institutions, the University System Office (USO) [which includes the Shared Services Center (SSC)], the Georgia Public Library System (GPLS), and the Georgia Archives, network for business purposes.
The following definitions of At Rest, Bring Your Own Device (BYOD), Compliance Date, Confidential Data, In Transit, Public Data, Prior Approval, Sensitive Data, Stored, and Transition Period are used throughout this section.
- At Rest: Computer files that are used as reference, but are not often updated, if at all. They may reside on servers, in backup storage or on the user’s own hard disk.
- Bring Your Own Device (BYOD): Refers to employees taking their own personal device to work, whether laptop, smartphone, or tablet, in order to interface to the internal/participant organization’s network resources.
- Compliance Date: The date by which the participant organization is expected to comply with the policy, or standard.
- Confidential Data: Data for which restrictions on the accessibility and dissemination of information are in effect. This includes information whose improper use or disclosure could adversely affect the ability of the institution to accomplish its mission, records about individuals requesting protection under the Family Educational Rights and Privacy Act of 1974 (FERPA), or data not releasable under the Georgia Open Records Act or the Georgia Open Meetings Act.
- In Transit: Data on the move from origin to destination, i.e.: data moving from point A to point B.
- Public Data: Data elements that have no access restrictions and are available to the general public. Also can be designated as unrestricted data.
- Prior Approval: A process by which all users must gain approval prior to working with, utilizing, or implementing a process or procedure.
- Sensitive Data: Data for which users must obtain specific authorization to access, since the data’s unauthorized disclosure, alteration, or destruction will cause perceivable damage to the participant organization. Example: personally identifiable information, Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act (HIPPA) data, or data exempt from the Georgia Open Records Act.
- Stored: Data held or at rest, either locally or in the cloud.
- Transition Period: A period of time whereby an object moves from one state or level to and another.
Implementation and Compliance
|Section Number||Section Name||Compilation Date||Published Date||Compliance Date||Revision
|8.1||Purpose||October 2013||October 2013||October 2014|
|8.2||Applicability||October 2013||October 2013||October 2014||January 2014|
|8.3||Standards||October 2013||October 2013||October 2014|
|8.4||Standard Non-Compliance||October 2013||October 2013||October 2014|
|8.5||Appendix A: Employee Declaration||October 2013||October 2013||October 2014|