Cybersecurity month tip #3 - Know Your Data (and how to secure it)

All students, faculty and staff at Williams use data which needs to be protected. Information like SSNs, account numbers and passwords have monetary value to thieves. You may also have access to information that is protected by law. Find out what you need to be cognizant of and what to protect.

Some data we work with frequently can not legally be transmitted or stored in an insecure manner. SSNs and account numbers can not be sent in the body of an email or in unencrypted attachments. Requests for SSNs, account numbers or usernames and passwords via email should be treated as scams. Other laws which require a high level of security for specific information: HIPAA: Health Insurance Portability & Privacy Act (protects personal health information) GLBA: Gramm-Leach Bliley Act (protects non-public financial information, including student loan information) PCI DSS: Payment Card Industry Data Security Standards (protects credit and debit card information).

Please read more about the different classifications of data you use and how to appropriately manage and store it: http://oit.williams.edu/help/security/know-your-data-and-how-to-secure-it/

And one simple piece of advice: if you don’t need it, get rid of it!