Columbia Campus IT SecurityUMKC IT SecurityRolla Campus IT SecuritySt. Louis Campus IT Security

Data & Assets

Device DCS Guidelines

User Responsibilities

What does the Device DCS cover?

Laptops, desktops, tablets, smartphones, flash drives and other portable storage drives used for work purposes regardless of ownership.

What do I need to do to comply?

Additional steps you can take to secure devices both at work and at home:

Note: If your University-issued computer is not managed by an IT professional or if it uses a non-standard operating system such as Linux, consult with your campus IT division and/or with your campus Information Security Officer.

DCL Cheat Sheet

The creator/manager (e.g., data custodian) of information and data has the latitude to classify data at a level higher than the definitions below. However, data/information cannot be classified at a lower level than the definitions below unless approved by your ISO.

DCL Cheat Sheet General Guidelines

Public Data

Most Web page content


Meeting agendas and minutes

Strategic plans

Marketing messages

Sensitive Data

Internal memos



Business emails and other correspondence

Project plans


Restricted Data

Non-directory student information

Financial aid information

Donor information

Job candidate resumes and applications

Personnel evaluations and other HR-related information such as EMPLID

Some forms of intellectual property and unpublished research

Floor plans, diagrams, etc.

Birthdates and other personal information

Applicable laws (not exhaustive): FERPA, GLBA, Federal Trade Commission regulations on identity theft protection

DCL4: Highly
Restricted Data

Social Security Numbers

Patient information

Credit card numbers

Biometric data


Intellectual property including information and data with commercial value

Information/data affected by federal export control regulations

Documentation about critical infrastructures (floor plans, power systems, diagrams, etc.)

Applicable laws and standards (not exhaustive): HIPAA, Payment Card Industry (PCI), Missouri Breach Law, federal export control laws