Manchester Community College’s Information Technology security website provides you critical information required to secure and protect computer systems against known security threats. This website is a repository of information related to all different areas of system and information security. We encourage all members of the MCC college community to visit this site regularly for current and breaking information on security threats and preventative practices.
Data Classification
Certain information is considered by law as confidential and must be protected from unauthorized access or modification. Data, which is essential to critical functions, must be protected from loss, contamination, or destruction.
Data Classification is the process of grouping data elements together by risk level. MCC has identified four Data Classification Levels (DCL) from 0 to 3. Appropriate security controls will be applied to each classification level. Increasingly restrictive data management and security practices are required for each level, with DCL0 requiring limited protection to DCL3 (formerly referred to as Class A Data) requiring the most protection.
| Data Classification Level (DCL) | Description | Examples |
|---|---|---|
| 3 DCL3 (Protected Confidential) |
Level 3 is protected confidential data, which comprises identity and financial data that, if improperly disclosed, could be used for identity theft or to cause financial harm to an individual or MCC. Security at this level is very high (highest possible). | Identity Data with:
|
| 2 DCL2 (Restricted) |
Level 2 is restricted data that is available for disclosure, but only under strictly controlled circumstances. Such information must typically be restricted due to proprietary, ethical or privacy considerations. An example of such restrictions is the FERPA guidelines that govern publication and disclosure of student information. Security at this level is high. |
Identity Data with:
|
| 1 DCL1 (Internal) |
Level 1 is internal data that has not been approved for general circulation outside MCC where its disclosure would inconvenience MCC, but is unlikely to result in financial loss or serious damage to credibility. Security at this level is controlled but normal. |
|
| 0 DCL0 (Public) |
Level 0 is public data that has been explicitly approved for distribution to the public. Disclosure of public data requires no authorization and may be freely disseminated without potential harm to MCC. Security at this level is minimal. |
|
If you have questions or require additional information on Information Security at Manchester Community College, please go to https://cscu.service-now.com/sp/ and open an incident.
Resources
- Information Security Program Office (ISPO)
- Board of Regents Resolution Concerning Information Security
- CSCU Acceptable Use Policy
- CSCU Electronic Communications Policy
- Electronic Monitoring
- Copyright and P2P File Sharing
- Mobile Computing Policy
- Alerts from CERT
- CERT Security Tips
- Federal Incident Reporting Guidelines
- Stop.Think.Connect Student Resources
- FBI Internet Crime Complaint Center
- Report Suspicious Online Activity to USICE
- Cybersecurity 101 Tips
- OnGuardOnline.gov Malware Guide
- StaySafeOnline for Higher Ed