TE - Security Secure Data Handling Practices
These guidelines provide direction on securely handling high risk data.
- Any time that secure data handling practices are not followed, the incident should be reported to the Service Center and your institution’s incident response procedures should be followed.
- In the following guidelines, any time you are directed to report something, this means notify the Service Center and follow your institution’s incident response procedures.
Only update information within HRS that you have a legitimate business need to modify.
Do not display high risk data in an environment where it may be viewed by unauthorized individuals.
Any document containing high risk data must not be duplicated physically or electronically and further distributed without permission of your Campus Data Custodian.
When printing documents that contain high risk data ensure that only authorized personnel will be able to see the output.
- The printer must be located in a non‐publicly accessible area (e.g., monitored office environment).
- These documents should be retrieved as soon as they are printed.
- Report any unattended printed documents.
- When using a photocopy machine to duplicate documents containing high risk data, clear that document from the document history log so it cannot be reproduced by an unauthorized user.
Any high risk data stored outside of HRS should be stored securely and deleted when no longer needed.
How to securely store data:
- Removable Media and Flash Drives -The use of flash drives or removable media such as DVD, CD, or similar to store high risk data is discouraged because these are easily lost or stolen. However, in cases where high risk data must be stored on removable media or flash drives, encryption of the data is required. The media must be stored in a secured area such as locked office furniture, locked offices, and other locations specifically dedicated to secure storage of records when not in use or properly destroyed. The media should not be taken home.
- Paper documents - When not in use, paper copies must be stored in a secured location such as locked office furniture, locked offices, and other locations specifically dedicated to secure storage of records. They should not be taken home.
- Workstations -Workstations where users handle electronic documents that contain high risk data must comply with the following requirements
- Secured with a password compliant with UW System Administrative policies.
- Enabled full disk encryption to protect from data theft.
- Email and IM - High risk data should never be stored in email or IM.
Guidelines for securely sending/receiving high risk data:
- Hand Deliver - If you hand deliver high risk data, ensure that only the intended recipient obtains access to the information.
- Verbal - Do not discuss high risk data in an environment where it may be overheard by unauthorized individuals.
- Email - Unencrypted email should never be used to send or receive high risk data, as email by nature is insecure, subject to interception, being read or copied while in transit. If you must email high risk data, the email must be encrypted to prevent the email from being read if intercepted.
NOTE: Emails that include unencrypted data should be immediately deleted and reported.
- Instant Messenger - Sending or receiving high risk data via instant messages (IM) is prohibited as IM is insecure and subject to interception and being read or copied in transit.
NOTE: IMs that include high risk data should be immediately deleted and reported.
- Fax Machine - The fax machine must be located in a non‐publicly accessible area (e.g., monitored office environment). The sender must ensure the receiver is present when a fax containing high risk data is being transmitted.
NOTE: Report any unattended fax containing high risk data.
- Data transmitted via fax is saved on both the sending and receiving fax machines. The document can be reproduced at either end by an unauthorized user. When sending or receiving faxes containing high risk data delete the document from the fax.
- Mail - If you cannot deliver by hand and must use mail, do the following:
- Put the information in a non-windowed envelope
- Seal the envelope closed with tape and sign across the tape that seals the envelope, or use tamper evident tape.
- If using inter-campus mail, put the envelope into a campus inter-office envelope with no special indications on it to avoid drawing attention to the envelope.
- If using external mail, put the envelope into a mailing envelope with no special indications on it to avoid drawing attention to the envelope and use a return receipt.
- Confirm that your recipient receives the mail and there is no evidence of tampering/removal of the seal.
- Secure FTP - you can transfer high risk information using a secure ftp site if available.
All copies of high risk data should be destroyed when no longer needed. How to securely destroy or delete high risk data:
- Paper - Crosscut shred or pulp all high risk data in paper form to ensure physical destruction beyond ability to recover.
- Removable media - must be destroyed by complete physical destruction of the media beyond ability to recover.
- Flash drives - must be wiped with a FIPS compliant overwrite prior to being repurposed or physically destroyed.
NOTE: additional information on FIPS can be found here.
- Electronic documents stored on a workstation (Word, TXT, Excel, etc.) - must be deleted and emptied from the trash bin. The workstation must be wiped with a FIPS compliant overwrite prior to being repurposed or destroyed.
- Email - Deleting an email with high risk data includes deleting all instances of the email, including replies or forwards that may include the data, from your “Inbox”, “Sent Items” as well as your “Deleted Items”.
- IM - Delete all stored instances of IM messages containing high risk data.
Related KBs:Related Links: