There are important things that you can do to protect your own personal identity and critical responsibilities that anyone who works with university data must be aware of.
Identity theft criminals are always looking for new ways to get your personal information. This can range from digging through your trash to sending malicious email messages to deceive you. There are important steps to take to make sure your personal information, such as credit card numbers, bank account information, Social Security Number, passwords, or other sensitive information, is not exposed. Here are some recommendations from the FTC and others to help protect you against identity thieves.
If you get a message that is phishing for personal information, contact the IT Service Center (firstname.lastname@example.org or 303-735-4537) to find out if it has been reported. If you are able to confirm that the message in question has not yet been reported, then it should be forwarded, with full headers, to email@example.com.
CU-Boulder employees have access to, and are responsible for protecting, a wide variety of sensitive information. Unauthorized exposure of information such as student academic records, medical information, credit card information, and social security numbers can have a harmful affect on people's lives. Failure to take care of this information places people at risk of identity theft, misuse of personal funds, or unauthorized modification of information. We therefore all have a responsibility to educate ourselves on how best to protect the information we store electronically. CU-Boulder has specific requirements intended to ensure adequate protection of information we store from potential risks such as loss or modification. It is your responsibility to be aware of and understand these policies and procedures.
In an effort to better secure sensitive data at CU-Boulder, the IT Security Office has compiled this quick reference guide for highly confidential data. This type of data should not be stored on workstations or mobile computing devices (laptops, PDAs, flash drives, etc) unless a strong business need exists and proper security precautions have been taken.
Highly confidential data and some common occurrences:
Important practices to keep in mind when dealing with highly confidential data include: