Managing Data, Files and Folders in OneDrive
Information Security Best Practice
Periodically Review Permissions
To minimize the risk of accidental or inappropriate exposure of confidential information or protected data, users shall perform periodic reviews of existing shares and remove those accounts (former employees, prior vendors, etc.) that no longer require access.
Sharing Files and Folders
OneDrive is a great resource that provides the institution with increased opportunities; however, we, as users, must constantly question how we store, share, and transmit information in order to protect ourselves against those that would perpetrate fraud. Luckily, there are few simple things we can do in OneDrive to help with that effort.
- Select permissions based upon the need to know.
- Do not use the default option Anyone with this link.
- Do share files and folders using the option Specific People
- Periodically review file and folder permissions and adjust accordingly.
- Do not use District resources to conduct confidential personal business.
If you use OneDrive to share folders and files, please review the following IITS Information Security Procedure for sharing files and folders in OneDrive.
Non-Business Related Information
Users should be aware that all communications conducted on or from district systems whether electronic or otherwise are subject to review and disclosure outlined by the California Public Records Act, current case law, as well as other Federal and/or State laws and regulations. Therefore, users should exercise extreme caution in using electronic communications to communicate or store information of a confidential or sensitive nature ().
Furthermore, using District systems to transmit personal taxes, refinance forms, medical verification forms, or anything else containing your confidential information puts you at risk should your account, or the account of the business you deal with, become compromised.