If you are storing private or confidential information on portable media, such as USB keys, CDs, DVDs, and flash memory. If you must store private information on portable media, the media must be encrypted.
Recommended for wireless access to RIT Confidential information.
If you have questions or feedback about specific information security requirements, please contact us.
RIT Information Handling and Services Matrix
The table below provides information about the different classifications of information at RIT and determines how the information can be used and who has permission to access it. For more details about information classification at RIT and examples, please visit the RIT Information Access and Protection Standard webpage. This Standard applies to everyone who accesses RIT Information Resources, whether affiliated with RIT or not, from on campus or from remote locations, including but not limited to: students, faculty, staff, contractors, consultants, temporary employees, alumni, guests, and volunteers.
Public - Information that may be accessed or communicated by anyone without restriction and has no special handling requirements associated with it.
Internal - Information that is restricted to RIT faculty, staff, students, alumni, contractors, volunteers, and business associates for the conduct of Institute business. Internal information could include building floor plans and specific library collections.
Confidential - Information that is restricted to a need-to-know basis and due to legal, contractual, ethical, or other constraints may not be accessed or communicated without specific authorization. Confidential information could include educational records, health information, and University Identification Numbers (UIDs).
Private- Information that is confidential and which could be used for identity theft. Private information also has additional mandates associated with its protection. Private information could include Social Security Number, driver's license number, and financial account information. These are all forms of information that could be used for identity theft.
The table on this page provides a quick reference list of services. In each of the tables, the classification of each service is shown in the left-hand column. The middle columns shows Check marks with an asterisk indicate there is additional information about the service and its classification in the right-hand comments column.
If you have questions about a specific use case or you do not find your use case below, reach out to firstname.lastname@example.org.
Audio/Video Conferencing: Zoom
*No HIPAA-related information permitted. Other Confidential information permitted only if proper controls are used to ensure access is limited to authorized RIT participants.
Audio/Video Conferencing: Zoom for Healthcare
*HIPAA-related information OK. Other Confidential Information is permitted only if proper controls are used to ensure audience is limited to RIT participants.