Standard for Communications Security

I. Purpose

The purpose of this standard is to establish the university’s obligation to protect the integrity of the university network and supporting information processing facilities as well as to maintain the security of information transferred within the university and with any external parties.

II. Scope

This standard is applicable to UNC Charlotte faculty, staff, students and all authorized users granted access to the university network or who may be involved in the transfer of any university information resources. Protecting and preserving university information resources is a cooperative effort that requires each member of the university community to act responsibly and guard against abuses.

III. Contacts

Direct any general questions about this standard to your unit’s Information Security Liaison. If you have specific questions, please contact OneIT Information Security Compliance at ISCompliance-group@charlotte.edu.

IV. Standard

Network Security Management

UNC Charlotte networks are managed and controlled by the Office of OneIT to protect information in connected systems and applications. OneIT manages security tools and controls and provides additional protection by segregating groups of services, users, and information systems as appropriate.

Information Transfer

Every authorized user has the responsibility to take appropriate measures to safeguard university information resources. Before transferring non-public data (Level 1 or higher), follow these steps:

• Review the Guideline for Information Transfer that includes considerations for the security of printers, copiers, fax machines and multifunctional devices.
• Ensure that agreements are in place to address the secure transfer of information between the university and external parties.
• Check the data classification and handling information in the Guideline for Data Handling.

Related Resources

• University Policy 311 Information Security
• University Policy 304 Electronic Communication System
• Guideline for Network Security
• Guideline for Information Transfer
• Guideline for Data Handling
• Standard for Information Security Related to Vendors and External Parties
• ISO/IEC 27002

ISO/IEC 27002 was adopted by The University of North Carolina at Charlotte in 2012. All standards and guidelines are based on this code of practice for Information Security Management.

Revision History

Initially approved by Information Assurance Committee 8/07/15
Updated 11/07/24