Where Should I Store Sensitive Data?
December 13, 2019
Most of us interact with confidential information every day, whether it’s private information about students or employees, or sensitive information about how Biola runs its business. Sensitive data is any information that we don't make publicly available. But where should we store sensitive information? And how should we share it with our coworkers? The way we store and share private information is the backbone of information security.
Before we begin: As a rule, you should not store unnecessary copies of sensitive information in multiple locations (with the exception of CrashPlan backups). This is because:
- The more copies of a file that exist, the greater chance of one of them being lost or attacked.
- It becomes difficult to track which copy of the data is current and accurate.
You may store sensitive data on your computer. But, you should delete it when you’re done using it.
The two most important questions to ask when storing sensitive information are:
- Is the data encrypted?
- Who has access to the data?
For the last 5 years, Biola’s Information Technology team has worked to enable encryption on all Biola computer hard drives. This means that even if your computer is stolen and the hard drive is removed, attackers won’t be able to access the data without your password.
Your Biola-owned computer is only intended for you. If you need to share data, it is best to store it in a location that supports sharing, like your Biola Google Drive.
Biola information must be stored on a Biola-owned system or service. You may not store Biola information on a home computer or personal laptop.
If you need to do Biola work on a personally-owned computer, you should store the data on a Biola-managed system or service, like your Biola Google Drive.
External Hard Drive
You should never put sensitive information on an external hard drive.
Most external hard drives (including thumb drives) are unencrypted, meaning anyone who finds them can access the information. Lost or stolen unencrypted hard drives are one of the most common sources of data breaches, even at some of our neighboring schools.
As a rule, Biola IT no longer allows purchasing external hard drives due to the security risks.
Biola Google Drive
You may store sensitive information on Google Drive if you take the necessary security precautions.
Google Drive is a secure, encrypted online storage solution for Biola staff, faculty, and students. All Biolans are granted unlimited storage in their Google Drive. You can also use Google Backup and Sync to easily sync the information in your Google Drive account with your Biola-owned computer. Do not sync the Biola data from your Google Drive to a personally-owned computer.
The main security risk with Google Drive is phishing. If your account is phished, then all the data in your Google Drive could be compromised. For this reason, if you store sensitive data on your Google Account you must:
As always, do not share your passphrase with anyone.
Biola has entered into a contract with Google that ensures the security and privacy of Biola data.
Department File Server
You may put sensitive information in your files.ad.biola.edu server, but only if your entire department should have access to it.
A department’s Files server is available to everyone in that department or team. As a rule, you should never share sensitive information with someone who doesn’t need it.
Personal iCloud/Dropbox/Box Account
You may not store any Biola information on a personal cloud storage account. Biola information must be stored only on Biola-owned systems and services.