Local Device Backup Policy
Version 1.0
For Students, Faculty, Staff, Guests, Alumni
Purpose
The purpose of this policy is to detail the University community’s responsibility of backing up their data.
Scope
This IT policy, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Policy Statement
- Users are responsible for backing up their data if they choose not to use the University provided network, S: drive,1 or cloud shares (e.g., Microsoft OneDrive™ for Business2).
- IT recommends using OneDrive for backups using the steps outlined in the OneDrive Backup Procedure document.
- Saving certain files to local devices is prohibited. Other content may be permissible per the Data Classification Guidelines.
- However, Users should know the risks associated with saving files to internal or external hard drives on laptops or desktops.
- Risks may include identity theft, loss of intellectual property, data loss, or ransomware.
- Additionally, Users must be aware:
- IT does not backup local devices.
- Pre-existing backups of local devices do not exist.
- Data saved on local device storage cannot be recovered.
- Users are required to follow the Data Classification Guidelines since some data is prohibited from being stored locally.
- IT offers secure storage where Users can save files. Call IT Service Desk at 718-817-3999 for further information.
Definitions
IT Resources include computing, networking, communications, application, and telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and related materials and services.
Related Policies and Procedures
Implementation Information
Review Frequency: | Annual |
---|---|
Responsible Person: | Senior Director, IT Security Operations and Assurance |
Approved By: | CISO |
Approval Date: | January 18, 2022 |
Revision History
Version: | Date: | Description: |
1.00 | 01/18/2022 | Initial document |
Policy Disclaimer Statement
Deviations from policies, procedures, or guidelines published and approved by Information Security and Assurance (ISA) may only be done cooperatively between ISA and the requesting entity with sufficient time to allow for appropriate risk analysis, documentation, and possible presentation to authorized University representatives. Failure to adhere to ISA written policies may be met with University sanctions.