From: File Storage Security <uit-announcement@lists.stanford.edu>
Subject: Exposed sensitive Stanford data -- action taken
-------------------------------------------------------
Dear File Owner,
As part of Stanford’s File Storage Security Program, our automated file scanning tool identified one or more of your files that are broadly exposed and appear to contain sensitive data. As a precaution, we have tightened access to the files listed below. In most cases, no action is needed on your part. If necessary, you can quickly restore access.
File storage system: Google Drive
Affected file:
Sample File Name
To locate a directory, search for the file name in the indicated file storage system.
If you confirm that an affected file does not contain sensitive data and you need to restore access, please notify us by replying to this message, then feel free to proceed. Please be aware that sensitive data are often embedded in documents and are not readily apparent.
You can find instructions and guidance for safely sharing files at uit.stanford.edu/security/filestorage. Be sure to share with the minimum number of individuals necessary, and only use public sharing or a “shareable link” when the file is truly intended for public access.
Please direct any questions to your local IT support team or submit a help request at services.stanford.edu.
Background
The File Storage Security Program is a high-profile, university-wide initiative sponsored by the CIO Council. The program was established in late 2017 in response to a series of privacy incidents that brought the problem of misconfigured file permissions to the University’s attention. The program is progressing under advisement by the Board of Trustees, Provost Drell, the Privacy Governance Council, and the pertinent Faculty Senate Committees (C-Res and C-ACIS). The program is managed by Mike Takahashi (mtak@stanford.edu).
You can learn more about the File Storage Security Program at filestoragesecurity.stanford.edu. The service page is at uit.stanford.edu/security/filestorage. And you can contact the File Storage Security Working Group via email at file-security-wg@lists.stanford.edu.
Warmest regards,
File Storage Security Working Group
