911±¬ÁÏÍø

Where Should I Store Sensitive Data?

December 13, 2019

Most of us interact with confidential information every day, whether it’s private information about students or employees, or sensitive information about how 911±¬ÁÏÍø runs its business. Sensitive data is any information that we don't make publicly available. But where should we store sensitive information? And how should we share it with our coworkers? The way we store and share private information is the backbone of information security.

Before we begin: As a rule, you should not store unnecessary copies of sensitive information in multiple locations (with the exception of CrashPlan backups). This is because:

• The more copies of a file that exist, the greater chance of one of them being lost or attacked.
• It becomes difficult to track which copy of the data is current and accurate.

911±¬ÁÏÍø-Owned Computer

You may store sensitive data on your computer. But, you should delete it when you’re done using it.

The two most important questions to ask when storing sensitive information are:

• Is the data encrypted?
• Who has access to the data?

For the last 5 years, 911±¬ÁÏÍø’s Information Technology team has worked to enable encryption on all 911±¬ÁÏÍø computer hard drives. This means that even if your computer is stolen and the hard drive is removed, attackers won’t be able to access the data without your password.

Your 911±¬ÁÏÍø-owned computer is only intended for you. If you need to share data, it is best to store it in a location that supports sharing, like your 911±¬ÁÏÍø Google Drive.

Home Computer

911±¬ÁÏÍø information must be stored on a 911±¬ÁÏÍø-owned system or service. You may not store 911±¬ÁÏÍø information on a home computer or personal laptop.

If you need to do 911±¬ÁÏÍø work on a personally-owned computer, you should store the data on a 911±¬ÁÏÍø-managed system or service, like your 911±¬ÁÏÍø Google Drive.

External Hard Drive

You should never put sensitive information on an external hard drive.

Most external hard drives (including thumb drives) are unencrypted, meaning anyone who finds them can access the information. Lost or stolen unencrypted hard drives are one of the most common sources of data breaches, even at some of our neighboring schools. 

As a rule, 911±¬ÁÏÍø IT no longer allows purchasing external hard drives due to the security risks.

911±¬ÁÏÍø Google Drive

You may store sensitive information on Google Drive if you take the necessary security precautions.

Google Drive is a secure, encrypted online storage solution for 911±¬ÁÏÍø staff, faculty, and students. All 911±¬ÁÏÍøns are granted unlimited storage in their Google Drive. You can also use to easily sync the information in your Google Drive account with your 911±¬ÁÏÍø-owned computer. Do not sync the 911±¬ÁÏÍø data from your Google Drive to a personally-owned computer.

The main security risk with Google Drive is phishing. If your account is phished, then all the data in your Google Drive could be compromised. For this reason, if you store sensitive data on your Google Account you must:

• Enable 2-Step Verification
• Use a strong passphrase

As always, do not share your passphrase with anyone.

911±¬ÁÏÍø has entered into a contract with Google that ensures the security and privacy of 911±¬ÁÏÍø data.

Department File Server

You may put sensitive information in your files.ad.biola.edu server, but only if your entire department should have access to it.

A department’s Files server is available to everyone in that department or team. As a rule, you should never share sensitive information with someone who doesn’t need it.

Personal iCloud/Dropbox/Box Account

You may not store any 911±¬ÁÏÍø information on a personal cloud storage account. 911±¬ÁÏÍø information must be stored only on 911±¬ÁÏÍø-owned systems and services.