You are now in the main content area

How To Protect Confidential Data

With your help, TMU can minimize online threats.

More often than not, protecting confidential data is about what you do before theft or loss happens. If you have access to sensitive information, consider these recommendations to keep your data safer:

Saving and working on documents from a shared drive like Google Drive puts you at an advantage for recovering files, even if your computer is lost or stolen.

If your data is considered:

Then work from a shared drive or server is:

High sensitivity Required
Medium sensitivity Required
Low sensitivity Recommended
Public  Recommended
Unclassified Required

As an alternative to Google Drive, CCS also provides Central File and Print Services (CFAPS), which are personal and/or shared-access folders on file servers, free of charge for TMU faculty and staff.

Request access to Central File and Print Services

Two-factor authentication provides an additional level of security for your TMU account. Apart from requiring your password, a two-factor-enabled account will prompt users to enter a passcode that is generated by an application on your mobile device or key fob.

Set up two-factor authentication

If your data is considered: Then setting up two-factor authentication is:
High sensitivity Required 
Medium sensitivity Required
Low sensitivity Required
Public Recommended
Unclassified Required

It’s a good idea to password-protect all workstations, laptops, phones and tablets you use to access confidential information, just in case it falls into the wrong hands. Additionally, be sure to configure your screensaver to require a password to exit screensaver mode.

Tips on selecting a strong password

If your data is considered: Then password protecting your device is:
High sensitivity Required 
Medium sensitivity Required
Low Sensitivity Required
Public Recommended
Unclassified Required

Some departments at TMU have policies in place that restrict transporting data off campus. If you’re unsure whether this applies to your area, be sure to check first with your department’s chair, director or manager.

If your data is considered: Then seeking permission to transport data is:
High sensitivity Required
Medium sensitivity Required
Low sensitivity Required
Public Recommended
Unclassified Required

Because of the portability and small size of devices like USB keys and flash drives, confidential information kept on such devices are especially vulnerable to theft, loss or inadvertent sharing. If you have clearance to transport data and choose to use a portable device, consider one that supports password protection and encryption.

If your data is considered: Then choosing secure devices is:
High sensitivity Required 
Medium sensitivity Required
Low sensitivity Required
Public Recommended
Unclassified Required

Encryption is a process available on computers, mobile phones and other devices. The purpose of encryption is to protect confidential data from being accessed by unauthorized people in case your device is ever hacked, lost, stolen or replaced.

How it works

  • Encryption distorts or scrambles data so it can only be read by authorized people.
  • The only way to unscramble data is by entering a unique decryption key.
    • On some devices such as computers running Microsoft Windows 10, the unique encryption key is integrated with your device login process, which unscrambles your data automatically.
    • Other devices such as select USB drives, require users to enter a unique key or password before unscrambling the data.
  • On any device, it is recommended that you keep a copy of your decryption key in a safe place to unscramble your data whenever required by your system.

Advantages

Because data remains distorted unless the decryption key is provided, your confidential data remains private and intact as hackers and viruses will not be able to decrypt the files, and view, tamper with or alter them.

Enabling encryption

There are a number of encryption softwares available, including:

If your data is considered: Then encrypting your folders is:
High sensitivity Required
Medium sensitivity Required
Low sensitivity Required
Public Recommended
Unclassified Required