Support Page Content
Secure File Storage & Sharing
Where should I store this file?
How do I know if my file contains protected data?
What happens if this information gets into the wrong hands?
There's a lot to consider about proper file storage and sharing when sensitive Level 1 or Level 2 data is involved. Campus relies more than ever on a hybrid model of on-site resources and cloud-based services to store and share information, which can leave us open to information security breaches.
First, let's cover what is considered Level 1 and Level 2 data, and then which solutions you need to use to securely store and share your files, whether on or off-campus.
Data Classifications
Part of secure file storage and sharing is knowing what the data you're working with is, and then where it should be stored. But what qualifies as confidential Level 1 data, and why do they require different sharing and storage solutions? The simple answer is compliance and information security.
For most of us, this helpful at-a-glance chart covers the most common protected data types and distinguishes between Level 1 versus Level 2 data. If you often work with sensitive Level 1 data, be sure to review all data classification and protection policies and standards.
File Storage/Sharing Solutions
From campus-managed solutions to cloud-based storage and sharing tools, file types - and the data those files contain - matters. For instance, if you're working with Level 1 data, privacy and compliance requires that you only use a secure storage and sharing solution. Here are some other questions to consider:
- What kind of security does my file need? Does it contain Level 1 or Level 2 data?
- How many records are there? (A file with 500 records of Level 2 data needs to be treated the same as Level 1 data)
- How large are the files I'm sharing?
- Does it need long-term backup?
- Will I need to share a document with someone outside of the University?
What Tool to Use?
Microsoft OneDrive is the recommended storage and sharing tool for most use cases, but not for Level 1 data.
The following chart provides an overview of supported tools and processes based on data type. Outside storage and sharing sources (such as Dropbox) which are not supported by campus should never be used.
Solution | Faculty | Staff | Student | Level 1 Data | Level 2 Data | On Campus Sharing | Off-Campus Sharing |
---|---|---|---|---|---|---|---|
Cloud-Based Storage & Sharing | |||||||
Microsoft OneDrive & SharePoint Individuals and syncing between devices Learn about OneDrive |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
Microsoft Teams Group communication, storage, and collaboration Learn about Teams |
✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |
Campus-Managed Storage & Sharing | |||||||
N: Drive (Shared) Departments/divisions Request a Shared Folder |
✔ | ✔ | ✔ | ✔ | |||
P: Drive (Project) Cross-functional teams Request a Project Folder |
✔ | ✔ | ✔ | ✔ | |||
SacFiles Secure Storing/sharing confidential data Request a SacFiles Folder |
✔ | ✔ | ✔ | ✔ | ✔ | ||
Share Level 1 Data off-campus? GoAnywhere Secure Mail | ✔ | ✔ | ✔ | ✔ |
Data Security Tools
Beyond the due-diligence of every campus member, a significant part of our cloud storage security processes are tools and internal audits that support compliance, help identify and mitigate potential risks, and reduce or eliminate information security breaches.
Purview DLP by Microsoft
Purview DLP by Microsoft is an automatic data protection tool that helps ensure that files containing Level 1 data housed within Microsoft 365 tools are stored properly and securely. Think of it like a "Roomba for cloud file storage." Purview DLP will automatically notify you if a file needs to be moved to a secure storage location.
How Microsoft Purview DLP Works
What if My File is Flagged?
To locate/move a file Microsoft DLP has flagged:
- Login to Microsoft 365 with your Sac State credentials
- Type in the name of the file into the search box
- Move the file to a secure storage destination (like OneDrive or other recommended/supported source)
False Positives
On occasion, Microsoft Purview DLP scans may return a "false positive" - meaning a flagged file may not actually contain Level 1 data. If you think your file has been flagged in error, you can override the alert by providing a justification.
Identity Finder/Spirion
Every University-managed workstation/device includes Identity Finder (also known as Spirion), a scanning software you manually run to locate any sensitive data saved locally on your device.
Learn More About Identity Finder
Sensitive Data Inventory Survey
An important part of supporting CSU and industry data privacy policies and standards is educating and regularly evaluating campus-wide data security hygiene involving protected Level 1 and Level 2 data.
On a biennial basis, select administrators and/or staff from each campus department completes the Sensitive Data Inventory Survey to help document how their area manages and stores records containing sensitive data elements, with the goal of providing an important baseline for managing sensitive data moving forward.
How to Prepare
- Review the Data Classification and Protection Standard.
- Take Inventory/Document
Whether paper or electronic, sensitive Level 1 and Level 2 data may exist in many forms and locations. It's helpful to create lists of these assets before taking the survey, answering these questions: "what data do we have, where it is located, and who has access to the data?" At the end of the survey, there is a prompt to upload your list. - Review Data Categories Covered in the Survey:
Personally Identifiable Information (PII) including SSN numbers, DOB, or Drivers' License
Private Key (digital certificate)
Psychological counsel records
Electronic signatures (not including Acrobat Sign)
Forms of national and/or international ID
Passwords or credentials
Credit or debit cardholder data
Healthcare information
Law enforcement information
Employee/Student/Alumni/Job Applicant/University Donor information
University research - Preview the Survey Questions.
We've provided the survey questions in advance to help you prepare. For efficiency, please consider organizing/consolidating a single survey response for each logical business unit with your division. Note: This survey can be delegated to another manager or support staff to be completed for your area.
Get Support
Get Support
Unsure what storage or sharing option is best for the type of information you're working with?
Contact the IRT Service Desk Team at servicedesk@faroor.com or 916-278-7337 during open hours.