All employees who work with sensitive data must take the following precautions to defend it from theft or accidental disclosure. Sensitive data includes Social Security numbers, birthdates, passport or visa numbers, banking information and protected health information.
To ensure that this data remains secure, employees must:
- Store it in an approved location, such as STAR (Banner) or MAP. Never store it in SharePoint, OneDrive or an external location like DropBox, unless previously approved by ITS. Never download it.
- Only access the data on devices that have been approved by ITS.
- Use encryption methods to share sensitive data, and never share it outside WVU or by an unsafe method, such as email or instant messaging. Only print when it’s required, and only to printers with restricted access.
- Log off or lock your computer before stepping away.
- Lock physical files in a secure location when you are not actively using them.
- Safely dispose of physical files when they are no longer needed by using a cross-cut shredder. Ask your IT department for assistance removing electronic files from WVU-owned computers.
ITS scans WVU-owned computers and laptops to identify sensitive data stored in unapproved locations. All those who are in violation will be asked to delete or move the data to a secure location. In some cases, the data will be automatically deleted.
For more information about securing, transmitting and disposing of sensitive data, review the Sensitive Data Protection Standard.
Have questions? Contact the experts at DefendYourData@mail.wvu.edu.