Data Risk Reference Grid
Data Risk Reference Grid
The Data Risk Reference Grid will help you get an overview of where you can properly store and handle data of different security levels.
: Allowed : Prohibited : Allowed with conditions met
|Dropbox, Google Drive, OneDrive cloud storage|
|Secured Data Environment|
Email is inherently an insecure method of communication. Medium and / or High risk data should never be sent via email. Consider using email for sending links to cloud storage with proper access control to higher risk data. The only caveat to that are files that are attached with appropriate file level encryption.
Slack on it’s own does not provide the required security protocols for Medium or High risk Data. Consider using Slack for sending links to cloud storage with proper access control to higher risk data.
AFS cannot accommodate Medium Risk data in it’s current configuration. Duo two-factor authentication for interactive user and administrator logins are not provided. If you require Medium Risk data on AFS, please see our Secured Data Environment.
NFS does not provide any reasonable security whatsoever. Medium and / or High risk data should never be stored on NFS
Dropbox, Google Drive, OneDrive
Medium risk data can be stored in Dropbox, Google Drive or OneDrive with the proper access control and responsible steps in place. Such data should be reasonably secured by sharing only with persons who need to access the data for a permissible purpose, and under strict instructions that these persons (a) may not share the data with any third party, absent permission from you, and (b) should delete the data from their local systems when they are finished with it. For more details, please see MIT IS&T’s Knowledgebase Article
Managed CSAIL Ubuntu machines do not provide the required security protocols for Medium or High risk Data. If you must store Medium Risk data, consider a Secured Data Environment
It is possible to setup your own local storage provided you implement appropriate tasks to protect your data
Apple MacBook’s configured and provided by TIG provide the required security protocols for Medium risk data provided the data is deleted from your local systems when they you are finished with it. For more details, please see MIT IS&T’s Knowledgebase Article
Please see MIT IS&T’s Encryption Landing Page
Secured Data Environment
TIG can provide support for creating a Secured Data Environment and compute clusters on user purchased hardware sufficient for Medium Level Confidential Information’ such as deidentified medical or financial datasets.