Personal tools
You are here: Home Services Consulting Services Safe Computing How to Protect Sensitive Data

How to Protect Sensitive Data

Steps and guidelines you can take to keep your Data private.

Keeping Sensitive University Data Secure Is a Community Responsibility

What is “sensitive” or “high risk” University data? At UW Oshkosh, we have defined this as:

  • Social Security Numbers
  • Credit/Debit Card Numbers
  • Driver’s License Numbers/other Government Issued Identification Numbers
  • Health Information

How great is the risk? The University’s computer environment is constantly under attack from hackers. As many as 1,000 probes hit campus addresses each second.

Be assured that computing services on campus work hard to provide a “safe” computer environment with firewalls, passwords, spam filters, antivirus software and a web proxy server. We are also working on encryption solutions for campus. We will let you know when these are available.

Learn what you need to do by reading the Did You Know section below. If you have questions, contact the Academic Computing Helpdesk.

Did You Know

1. Did you know that hackers can gain access to sensitive University data from work stations on or off campus?

This may occur if University and/or personally owned computers, used for work with high risk /sensitive data, are also used for accessing websites and email.

You can make a difference if you:

  • Do make sure that virus protection is current on your work and home computers including laptops.
  • Do use strong passwords. Read more about what constitutes a strong password.
  • Do lock your workstation when leaving your office.
  • Do consider setting a password protected screen saver.
  • Do not use your work computer for non work-related tasks (examples: web surfing, emailing, Face Book, shopping).
  • Do not open emails with links or attachments from unknown sources.
  • Do not respond to "urgent" emails asking you to provide login information.
  • Do not install no-charge or ad-supported software, including browser plug-ins, onto your work computer.

Contact the Academic Computing Helpdesk if you have questions.

 

2. Did you know that sensitive University data should not be stored on local hard drives or on personal storage devices (e.g. USB drives)?

You can make a difference if you:

  • Do check with your supervisor to learn where your designated secure storage space is.
  • Do review old files and remove any with sensitive University data that is no longer necessary.
  • Do contact the Academic Computing Helpdesk about possible alternatives, if such information must be retained and shared.
  • Do password protect the link/ticket and set an expiration time if sharing any sensitive information through Titan Files (PDF).

Contact the Academic Computing Helpdesk if you have questions.

 

3. Did you know that mobile devices (either University or personally owned) may have sensitive University data stored on them?

Even if you think these do not have any sensitive data on them, emails and attachments may contain sensitive data that can be hacked or found if an unsecured device is lost or stolen.

You can make a difference if you:

  • Do make sure that virus protection is current.
  • Do password-protect these devices.
  • Do use the remote wiping functionality if a device is lost or stolen.
  • Do install antivirus software on your mobile device.
  • Do not store sensitive University data on these devices.
  • Do not keep emails or attachments that contain sensitive data on these devices.

Contact the Academic Computing Helpdesk if you have questions.

 

4. Did you know that accounts that provide access to sensitive data should never be shared, should be re-evaluated if the account owner changes jobs, and should be locked when the account owner leaves the University?

You can make a difference if you:

  • Do make sure that you have the access that you need to do your job within your own accounts. If you are the supervisor, you are responsible to make sure this is done for each staff member.
  • Do make sure that your accounts are re-evaluated if you change jobs at the University. You, as the account owner, can do these things before transferring, and each supervisor is responsible for making sure this is done.
  • Do make sure your accounts are locked before you leave the University. You, as the account owner can do this before leaving, and each supervisor is responsible for making sure this is done.
  • Do not share your passwords with anyone.

Contact the Academic Computing Helpdesk if you have questions.

 

5. Did you know that sensitive University data is sometimes stored on copiers, printers, faxes and scanners that are attached to the Internet?

Hackers can obtain this data if certain security measures are not taken.

You can make a difference if you: