Connecticut State Colleges & Universities
IT Support Center

Definitions

Data Domain

Data belongs to specific functional areas, also referred to as a data domain. Examples of Data Domains are:

  • Academic Records
  • Admissions
  • Development (Fundraising)
  • Financial Aid
  • Human Resources
  • Information Technology
  • Institutional Research
  • Student Advising & Counseling

Data Steward

A Data Steward has planning and policy responsibilities for data within a specific functional area(s) or data domain. Data Stewards have responsibility for understanding, protecting and granting access to CCC data.

Data Manager

A Data Manager has day-to-day responsibilities for data management within a specific functional area(s) or data domain. Data Managers have responsibility for understanding, protecting and managing access to CCC data.

Data User

A data user has operational requirements to access data and use data in performance of his/her assigned duties.

DCL3 Data

DCL3 - Previously known as Class A Protected at the CSUS.

Level 3 is protected confidential data, which comprises identity and financial data that, if improperly disclosed, could be used for identity theft or to cause financial harm to an individual or the ConnSCU system. Security at this level is very high (highest possible).

Examples of DCL3 data are:

  • Social Security number & Identity Data
  • Bank account or debit card information and Identity Data
  • Credit card number & cardholder information
  • Student Loan Data

DCL3 data must be protected from disclosure and maleficence

DCL2 Data

DCL2 - Previously known as Class A at the CSUS.

Level 2 is restricted data that is available for disclosure, and may be disclosed under certain circumstances e.g. FOIA, legal request, etc. Such information is restricted due to federal and state law, ethical and privacy considerations.

An example of such restrictions is the FERPA guidelines that govern publication and disclosure of student information. Security at this level is high.

Examples of DCL2 data are:

  • Mother's maiden name
  • Academic records
  • Employee Medical Records

DCL1 Data

DCL1 - Previously known as Class B at the CSUS.

Level 1 is internal data that has not been approved for general circulation outside the ConnSCU system where its disclosure would inconvenience the ConnSCU system, but is unlikely to result in financial loss or serious damage to credibility. Security at this level is controlled but normal.

Examples of DCL1 data are:

  • Internal memos
  • Minutes of meetings
  • Internal project reports

DCL0 Data

DCL0 - Previously known as Class C at the CSUS.

Level 0 is public data that has been explicitly approved for distribution to the public. Disclosure of public data requires no authorization and may be freely disseminated without potential harm to the ConnSCU system. Security at this level is minimal.

Examples of DCL0 data are:

  • Advertising
  • Public Directory Information
  • Press Releases
  • Job postings

Information Security Program

An information security program is the comprehensive safe-guarding of an organization's data from unauthorized access or modification to ensure its availability, confidentiality, and integrity. It includes the Information security and awareness components.
 

SANS Securing the Human

ConnSCU's Information Security Awareness Training is currently being provided through SANS Securing the Human training program, an online training that focuses on the individual and what they can do to help secure their organization and themselves.