- Store data on protected equipment, like OIT File Services
- Never store sensitive data on laptops or mobile devices, including USB and external hard drives
- Never send sensitive or personal information by email
- Only keep as much sensitive data as you are obligated to keep
Store Data in a Safe Place
Network storage solutions, like OIT File Services, are a great way to protect your university-related sensitive information. OIT File Services can only be accessed by those with appropriate permission and is frequently backed up to prevent data loss.
Additionally, these solutions protect data from theft by storing them on secured equipment and not on devices that could be stolen. If you must store data on a local computer or device, be sure to use a strong password to protect the machine.
Should I save university-related sensitive data to cloud solutions, such as Google Drive, Dropbox, etc.?
Student and health-related data are subject to NSHE policies as well as state and federal law. We recommend OIT FIle Services for the storage of sensitive or protected university data. Please contact the IT Help Desk if you have questions about using other services to store sensitive data.
Should I save my personal sensitive data to cloud solutions, such as Google Drive, Dropbox, etc.?
Many services offer protection for sensitive data, but in general, cloud storage solutions may not provide encryption for your data as it sits in storage. It’s up to you to review these services and decide whether or not they suit your needs to protect your personal information.
Never send sensitive information by email
Emailing sensitive information puts that information out of your control, and in many cases of university data, violates state and federal laws that protect private information. If you must share sensitive or private information, consider secure means of transferring that information, such as the UNLV Secure File Transfer tool.
Remove unneeded data
Consider only storing absolutely necessary information. The more information that exists on a computer or on network storage, the more than can be stolen in the event of a data breach. If you no longer have a need for the data and have no legal obligation to retain it, delete it.