Use this page in conjunction with REG 08.00.03 – Data Management Procedures and the following:
- Controls for Securing University Data – Best Practices
- Determining Sensitivity Levels for Shared Data
- Data Categories, Trustees, Stewards, and Custodians
- Data Management Procedures Summary and Guidance
- Frequently Asked Questions – Data Management Procedures
The following table indicates appropriate storage locations for NC State data by data-sensitivity level.
| Storage Location |
Ultra-sensitive (PURPLE) |
Highly Sensitive (RED) |
Moderately Sensitive (YELLOW) |
Normal, not Sensitive (GREEN) |
Unclassified (WHITE) |
| NC State server |
No, unless encrypted and Data Steward approves |
Data Custodian must approve |
Yes | Yes | Yes |
| *Cloud Service
(e.g., Dropbox) |
No, unless encrypted and Data Steward approves |
Data Steward must approve |
Data Steward must approve |
Yes | Yes |
| NC State *Google Drive |
No | Yes | Yes | Yes | Yes |
| Microsoft OneDrive | No | Yes | Yes | Yes | Yes |
| *Google Drive and apps (e.g., Google Docs, Google Sheets, etc.) | No | No, unless encrypted |
Yes, unless Data Steward restricts |
Yes, if not the master copy |
Yes |
| Gmail and other email services | No, unless Data Steward approves |
Data Steward must approve |
Data Steward must approve |
Yes, if not the master copy |
Yes |
| Removable Storage |
No | Encryption and Data Steward approval required |
Yes, unless Data Steward restricts |
Yes, if not the master copy |
Yes |
| Local PC | No | Encryption and Data Steward approval required |
Yes, unless Data Steward restricts |
Yes, if not the master copy |
Yes |
| No | Yes | Yes | Yes | Yes | |
| Mobile Device | No | Data Steward must approve |
Yes, unless Data Steward restricts |
Yes, if not the master copy |
Yes |