Skip to main content

File Storage Security

Safeguarding Stanford's Sensitive Data

Sharing files is foundational to collaboration, and yet misconfigured file permissions can expose sensitive data to unauthorized access.

To address this problem, the university’s Information Security Office and the CIO Council are sponsoring a program devoted to file storage security.

Features

University IT employs an automated tool to scan file storage systems for broadly exposed files that appear to contain High Risk Data. As a precaution, permissions are tightened on identified files to prevent undue exposure.  File owners are notified of the change via email and can restore the file sharing permissions as needed.

Get started

If you receive an email that a publicly accessible link was removed from one of your files by the automated tool, you might need to reshare the file so that collaborators can access the file again. You can update sharing permissions for file by following the steps below:

  1. Search for the file name on the file sharing platform where it’s stored. The email includes both the file name and platform.
  2. Review the file sharing permissions for the file.  If you discover sensitive data that may have been publicly exposed or shared with an unauthorized audience, promptly report it to the Privacy Office.
  3. Update the file sharing permissions as required for collaboration.
    Review instructions for how to change file sharing permissions for the storage system you are using:

Get help

For help with updating permissions on a file that the automated tool changed, please submit a Help Ticket.

Learn more

Sensitive information exposed by misconfigured file permissions is a preventable problem. Below are a few ways you can help keep sensitive data private:

  • When sharing files, share with the minimum number of individuals necessary. Only use public sharing or a “shareable link” when the file is truly intended for public access.
  • If you discover sensitive data that might have been exposed, promptly report it to the Privacy Office.

Archiving:

  • A large percentage of files are no longer needed and haven’t been accessed in many years.  Some of this data is sensitive and the risk of exposure increases over time.  One of the most effective approaches is to archive this unneeded data.
  • While deleting files may be difficult because you may need them later, archiving is a great alternative to keep you keep you secure without the worry of losing of potentially valuable information.
  • Through automated processes, you might be asked if such files can be archived.  Archived files can be restored quickly if needed.

Consult these resources to learn more about how to share files securely:

Last modified