You are here

Home arrow image Sensitive Data Guide arrow image Federal Information Security Management Act (FISMA) Data

Federal Information Security Management Act (FISMA) Data

The Federal Information Security Management Act (FISMA) requires federal agencies and those providing services on their behalf to develop, document, and implement security programs for IT systems and store the data on U.S. soil. FISMA applies generally to federal contracts as opposed to grants.

Frequently Used by: 

Faculty
Staff
Researchers

Category: 

Sensitive

Examples: 

  • Data provided by the federal government under contract

Laws/Regulations/Policies: 

NIST FISMA website

M+Box Core Apps: 

Not Permitted

M+Google Mail and Calendar: 

Not Permitted

M+Google Drive (Docs): 

Not Permitted

M+Google Sites, Talk, Groups, Tasks: 

Not Permitted

M+Google Additional Services (Non-Core): 

Not Permitted

M+Box Additional Apps (Non-Core): 

Not Permitted

Personal Device (phone, tablet, laptop, etc.): 

Not Permitted

Personal Account (Dropbox, Evernote, etc.): 

Not Permitted

UMHS Exchange Email and Calendar: 

Not Permitted

CTools: 

Not Permitted

Wolverine Access: 

Not Permitted

MiDatabase: 

Not Permitted

MiServer: 

Not Permitted

Desktop Virtualization (VDI): 

Not Permitted

TSM Backup: 

Not Permitted

MiWorkspace: 

Not Permitted

Sitemaker: 

Not Permitted

Virtualization as a Service (VaaS): 

Not Permitted

Value Storage: 

Not Permitted

Mainstream Storage: 

Not Permitted

Data Warehouse: 

Not Permitted

ITS Exchange Email and Calendar: 

Not Permitted

Desktop Backup (Powered by CrashPlan): 

Permitted

Flux: 

Not Permitted