{"id":3131,"date":"2026-04-09T19:11:52","date_gmt":"2026-04-09T19:11:52","guid":{"rendered":"https:\/\/www.tarleton.edu\/technology\/?page_id=3131"},"modified":"2026-04-09T19:11:53","modified_gmt":"2026-04-09T19:11:53","slug":"tarleton-oits-portable-computing-standard","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/technology\/tarleton-oits-portable-computing-standard\/","title":{"rendered":"Tarleton OITS Portable Computing Standard"},"content":{"rendered":"\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\">\n<h1 class=\"wp-block-heading\">Tarleton Office of Innovative Technology Solutions (OITS) <br> Portable Computing Standard<\/h1>\n\n\n\n<p>Effective: February 11, 2020<\/p>\n\n\n\n<p>Revised:\u00a0 April 9, 2026\u00a0<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<figure class=\"wp-block-image alignright size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/www.tarleton.edu\/technology\/wp-content\/uploads\/sites\/170\/2021\/12\/Tarleton_TonTexas.svg\" alt=\"The Tarleton State University logo\" class=\"wp-image-670\" style=\"width:159px;height:auto\" \/><\/figure>\n<\/div>\n<\/div>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator alignfull has-alpha-channel-opacity has-vivid-cyan-blue-to-vivid-purple-gradient-background has-background is-style-wide\" \/>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Procedure Summary<\/strong>&nbsp;<\/h2>\n\n\n\n<p>Portable computing devices are becoming increasingly powerful and affordable.\u00a0Their functionality and small size are making these devices more desirable to replace traditional desktop devices in a wide number of applications.\u00a0However, the portability offered by these devices may increase the security exposure for individuals using the devices.\u00a0\u00a0<\/p>\n\n\n\n<p>Tarleton State University\u2019s (Tarleton or university) information resources are strategic assets which, as property of the State of Texas, must be managed as valuable state resources in accordance with <a href=\"https:\/\/statutes.capitol.texas.gov\/Docs\/GV\/htm\/GV.2054.htm\">Texas Government Code Chapter 2054<\/a>. This standard applies to Tarleton information resources that store, process, or transmit mission critical and\/or confidential information.&nbsp;&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-group word-wrap: normal is-layout-flow wp-block-group-is-layout-flow\">\n<p>The purpose of the Tarleton physical access standard is to provide guidance on the responsibilities of information resource owners to protect data\u00a0residing\u00a0on portable devices. The assessment of potential risks and the application of appropriate mitigation measures will be determined by the information resource owner or their designee. In accordance with <a href=\"https:\/\/texas-sos.appianportalsgov.com\/rules-and-meetings?chapter=202&amp;interface=VIEW_TAC&amp;part=10&amp;title=1\">Texas Administrative Code (TAC) Chapter 202 \u2010 Information Security Standards<\/a>, each department and\/or resource owner may elect not to implement some or all of the risk mitigation measures provided in this standard based on information security risk management decisions and business functions. Such risk management decisions must be documented and reported to the designated information security officer. This standard applies to the use of all portable information resources devices that process,\u00a0contain\u00a0or have direct access to confidential information. This standard will apply equally to all individuals who\u00a0utilize\u00a0portable computing devices and access Tarleton information resources. <\/p>\n\n\n\n<p>Please see the <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/\"><\/a><a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/media-protection-mp\/\">Tarleton Security Controls Catalog, specifically the Media Protection (MP) family<\/a>, for additional information and requirements.<\/p>\n<\/div>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Procedures and Responsibilities<\/strong>&nbsp;<\/h2>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>Whenever possible, portable computing devices must be password protected.\u00a0\u00a0<\/li>\n\n\n\n<li>Whenever possible,\u00a0sensitive\u00a0or confidential Tarleton data should not be stored on portable computing devices or portable storage devices. However,\u00a0in the event that\u00a0there is no alternative to local storage, such data must be encrypted using university-approved encryption techniques.\u00a0\u00a0<\/li>\n\n\n\n<li>Sensitive or confidential information must not be transmitted via wireless to or from a portable computing device unless approved wireless transmission protocols and encryption techniques are\u00a0utilized.\u00a0\u00a0See the Tarleton Security Controls Catalog <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/access-control-ac\/ac-19-access-control-for-mobile-devices\/\">AC-19, Access Control for Mobile Devices<\/a> and <a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/system-and-communications-protection-sc\/sc-13-cryptographic-protection\/\">SC-13, Cryptographic Protection<\/a> for additional information. <\/li>\n\n\n\n<li>All remote access (e.g.\u00a0Internet, Remote Desktop Protocol (RDP), etc.) to confidential information from a portable computing device shall\u00a0utilize\u00a0encryption techniques, such as Virtual Private Network\u00a0(VPN), Secure Socket Layers (SSL) or secure File Transfer Protocol (SFTP).\u00a0\u00a0<\/li>\n\n\n\n<li>Unattended portable computing devices shall be kept physically secure using means appropriate to the potential risk associated with the device. <\/li>\n\n\n\n<li>Keep portable computing devices patched and updated. <\/li>\n\n\n\n<li>Install anti-virus software and a personal\u00a0firewall\u00a0where applicable.\u00a0\u00a0<\/li>\n\n\n\n<li>Information resource owners will ensure that any portable computing device(s) within their area of responsibility is being managed and used\u00a0in accordance with\u00a0the <a href=\"https:\/\/www.tarleton.edu\/policy\/wp-content\/uploads\/sites\/142\/2022\/06\/29_01_03_T0_01.pdf\">Tarleton Acceptable Use\u00a0procedure<\/a> and applicable Tarleton Security Controls Catalog requirements.\u00a0\u00a0\u00a0\u00a0<\/li>\n<\/ul>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Definitions<\/h2>\n\n\n\n<p><strong>Confidential Information<\/strong>: information that is excepted from disclosure requirements under the provisions of applicable state or federal law, e.g. the Texas Public Information Act.&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Information Resources (IR)<\/strong>: the standards, equipment, and software that are designed, employed, operated, and maintained to collect, record, process, store, retrieve, display, and transmit information or data.&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Information Security Officer (ISO) \/ Chief Information Security Officer (CISO)<\/strong>: responsible for administering the information security functions within the university and reports to the information resources manager (IRM).&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Mission Critical Information<\/strong>: information that is defined by the university or information resource owner to be essential to the continued performance of the mission of the university or department. Unavailability of such information would result in more than an inconvenience. An event causing the unavailability of mission critical information would result in consequences such as significant financial loss, institutional embarrassment, failure to comply with regulations or legal obligations, or closure of the a department or the university&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Owner of an Information Resource<\/strong>: an entity responsible for a business function and for determining controls and access to information resources supporting that business function.&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Portable computing devices<\/strong>: Any easily portable device that\u00a0is capable of receiving,\u00a0transmitting\u00a0and\/or storing data, and that can connect by cable, telephone wire, wireless transmission or via any Internet connection to the Tarleton infrastructure and\/or data systems. These include, but are not limited to: notebook computers, handheld computers, tablets, PDAs, pagers, smartphones, etc.\u00a0\u00a0<\/p>\n\n\n\n<p><strong>Portable Storage Device:\u00a0<\/strong>An easily portable device that stores electronic data which includes but is not limited to: flash drives, external hard drives, memory cards, DVDs, CDs, USB connected storage devices,\u00a0etc..\u00a0\u00a0<\/p>\n\n\n\n<p><strong>Remote Access:\u00a0<\/strong>The act of using a computing device to access another computer\/network from outside its established security realm (e.g. authentication mechanism, firewall, or encryption).\u00a0\u00a0<\/p>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Related Statutes, Policies, or Requirements<\/strong>&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/policies.tamus.edu\/29-01.pdf\">TAMUS Policy 29.01, Information Resources<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/policies.tamus.edu\/29-01-02.pdf\">TAMUS Regulation 29.01.02, Use of Licensed Software<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/policies.tamus.edu\/29-01-03.pdf\">TAMUS Regulation 29.01.03, Information Security<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/policies.tamus.edu\/29-01-04.pdf\">TAMUS Regulation 29.01.04, Accessibility of Electronic and Information Resources<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/policies.tamus.edu\/29-01-05.pdf\">TAMUS Regulation 29.01.05, Artificial Intelligence<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/policies.tamus.edu\/29-01-06.pdf\">TAMUS Regulation 29.01.06, Covered Applications and Prohibited Technologies<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.tarleton.edu\/policy\/wp-content\/uploads\/sites\/142\/2022\/06\/29_01_03_T0_01.pdf\">Tarleton SAP 29.01.03.T0.01, Information Resources &#8211; Acceptable Use<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.tarleton.edu\/policy\/wp-content\/uploads\/sites\/142\/2022\/06\/29_01_99_t1.pdf\">Tarleton Rule 29.01.99.T1, Information Resources<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.tarleton.edu\/security-controls-catalog\/\">Tarleton Security Controls Catalog<\/a><\/p>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Contact Office<\/strong>&nbsp;<\/h2>\n\n\n\n<p>Office of Innovative Technology Solutions&nbsp;<\/p>\n\n\n\n<p>AVP and CIO of Innovative Technology Solutions&nbsp;<\/p>\n\n\n\n<p>254-459-5685&nbsp;<\/p>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Tarleton Office of Innovative Technology Solutions (OITS) Portable Computing Standard Effective: February 11, 2020 Revised:\u00a0 April 9, 2026\u00a0 Procedure Summary&nbsp; Portable computing devices are becoming increasingly powerful and affordable.\u00a0Their functionality &#8230;<\/p>\n","protected":false},"author":94,"featured_media":580,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-fullwidth.php","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-3131","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/technology\/author\/jgeorge\/","display_name":"jgeorge"},"relative_dates":{"created":"Posted 4 days ago","modified":"Updated 4 days ago"},"absolute_dates":{"created":"Posted on April 9, 2026","modified":"Updated on April 9, 2026"},"absolute_dates_time":{"created":"Posted on April 9, 2026 7:11 pm","modified":"Updated on April 9, 2026 7:11 pm"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/pages\/3131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/users\/94"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/comments?post=3131"}],"version-history":[{"count":2,"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/pages\/3131\/revisions"}],"predecessor-version":[{"id":3133,"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/pages\/3131\/revisions\/3133"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/technology\/wp-json\/wp\/v2\/media?parent=3131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}