The purpose of this standard is to set forth the requirements to ensure that all work areas are clear of university information, whether in electronic or paper form, classified as Level 1 - Confidential or Level 2 - Internal Use when the work area is unattended.
Comments or feedback on this standard should be directed to the Office of the Chief Information Officer at (831) 582-4700.
This Standard applies to CSU Monterey Bay employees and CSUMB Auxiliary Organization employees, who collect, generate, use or otherwise handle Confidential or Internal Use information.
Users must log off their computers when their workspace is unattended.
All Confidential and Internal Use information must be removed from the desk and locked in a drawer or file cabinet when the workstation is unattended and at the end of the workday.
All Confidential and Internal Use information must be stored in lockable drawers or cabinets.
File cabinets containing Confidential or Internal Use information must be locked when not in use or when not attended.
Keys used to access Confidential or Internal Use information must not be left at an unattended work area.
Laptops must be either locked with a locking cable or locked away in a drawer or cabinet when the work area is unattended or at the end of the workday.
Passwords must not be posted on or under a computer or in any other accessible location.
Copies of documents containing Confidential or Internal Use information must be immediately removed from printers.
Documents containing Confidential of Internal Use information must be immediately removed from facsimile machines.
This standard will be subject to revision in response to changes in technology, regulatory compliance, and/or CSUMB operational initiatives.
06/21/2019 by Chip Lenno, CIO/ISO