These general principles are beneficial for everyone, but are particularly important if you work with data of heightened sensitivity.
- Keep what you view on your computer screen private.
Consider if it’s possible for someone to walk into your workspace and view sensitive data on your screen. Take steps to prevent this, such as turning your monitor or using a privacy screen.
- Keep your equipment safe.
One of the most common ways data is exposed is through lost or stolen hardware. Don’t give someone an opportunity to steal equipment where you keep sensitive data, such as your computer, mobile, or portable storage devices. Sensitive data stored on devices you take out of your workspace is at particular risk. Steps to prevent hardware theft include locking your computer down and storing small devices out of view, preferably in locked drawers, when they aren’t in use. Mobile devices used for institutional information must comply with the Mobile Device Security Standard.
- Keep security in mind whenever you work off campus.
Visit the IU Knowledge Base document: The Basics of VPN at IU to review how you can ensure all of your network traffic is secure when working or connecting remotely.
- Find out what backup solutions your department recommends, and keep data backed up.
Regular backups not only protect you against losing all your work, but also if your computer is lost or stolen. Having the backed-up data at hand makes it possible to determine what sensitive data may be at risk.
Do-it-yourself backup solutions pose risks. For example, data may be backed up on an irregular basis, or it may put confidential data at risk by storing it on external hard drives that are easy to steal. For this reason, do-it-yourself backup solutions are discouraged. Use a backup service that guarantees data is backed up regularly and stored securely. Contact your department’s technical support staff for recommendations.