UW-Parkside employees deal with sensitive data on a daily basis. Hackers and other nefarious actors would consider data such as parents' tax returns, student images, grades, and employee data a treasure trove of information. Federal and State laws require that employees protect sensitive data.
|Service or System\Data Sensitivity||FERPA|
|Credit Card &|
|Email & Calendar|
|Hard Drive & Flash Drives*|
|Web Storage (Dropbox, Box, etc)**|
|UWP File Shares and Servers|
|UWP OneDrive (future)|
|Qualtrics Survey Tool|
|Learning Management System (LMS)|
|UW/UWP Web and Video Conferencing|
|Non-UW Web and Video Conferencing|
|Personally Owned Computers ***|
|Document Imaging System|
|Other Third Party System ****|
* Computer hard drives may be used with high level of caution for brief storage of sensitive data, such as when transferring files or when an application requires it
** Some UW institutions have signed contracts with providers such as Box.net. Using those services when contact is initiated by such institutions is allowed.
*** Personally Owned Computers may be allowed to access sensitive data via authorized remote secure tunnel connection
**** Third party systems may not store sensitive data except where the system owns such data (e.g. EMR system manages health/HIPAA protected records)
Even when sensitive data is allowed to be stored caution must be exercised. You may send, store or share the sensitive data type with a particular service if the data owner and your department/unit policies permit you to do so. For additional information, contact the CTS Information Security Officer or the campus FERPA official.
UW-P's security policies and best practices require sensitive University data to be stored on Campus Technology Services (CTS) managed file shares. This minimizes the risk of University data being compromised and accessed by unauthorized individuals as a result of a local computer workstation security breach (such as a virus). CTS has deployed security software, Identity Finder, on employees' computers. This software is designed to assist with finding and removing or relocating files with sensitive data (such as SSNs) away from the hard drive. As part of security compliance process regular reports will be produced that identify the amount of sensitive data stored on all University workstations. Employees are encouraged to run the Identity Finder tool on computer's hard drive and proactively remove or relocate files with sensitive data. For instructions please visit this knowledgebase page.
All new campus PCs are issued with the BitLocker tool enabled. This tool protects the computer's drives so that the data on them are nearly impossible to access by thieves should the computer or the drive be stolen. Consider enabling BitLocker on any personal PCs also.
All campus PCs are now set to lock the screen after 10 minutes of no activity. This helps ensure the protection of the data on the computer or on the network.