What is CloudLock?
CloudLock is a service that helps ensure files within your Fordham Google Drive account that may contain Fordham protected and/or Fordham sensitive data are stored and shared appropriately and securely.
Why does Fordham have CloudLock?
Fordham has an obligation to the University community to protect information from unauthorized access and illicit use. Fordham IT is a partner in carrying out that obligation in order to ensure we use all available means to manage secure data in accordance with best practices and compliance regulations. CloudLock assists in ensuring that protected and sensitive data within a Fordham member’s Google Drive account is stored and shared in an appropriate and secure manner.
Is CloudLock looking at my Google Drive files?
CloudLock assesses files in Fordham Google Drive accounts and looks for patterns within those files that match those of protected and sensitive data (such as Social Security numbers, credit card numbers, Fordham ID numbers, etc.) and may not be shared in a secure manner in accordance with Fordham’s Data Classification Policy.
Is CloudLock making changes to my Google Drive files?
CloudLock is not making any changes to the data within the files, only the sharing permissions of files in Fordham Google Drive accounts that contain 100 or more unique instances of data classified as Fordham Protected or Fordham Sensitive and have the sharing permissions set to “Public on the web,” “Public with a link,”, “Domain-wide,” or “Domain-wide with a link” may have the sharing permissions modified to be “Private” so the files can only be accessed by you.
What is considered protected and sensitive data?
Protected data contains personally identifiable information (PII) such as Social Security numbers and credit card numbers. Sensitive data has been deemed sensitive based on internal standard operating procedures. It contains data such as employee compensation and annual budget information. You can read more about how data is classified within Fordham’s Data Classification Guidelines. The Data Classification Grid describes regulations and policies governing protected and sensitive data. Use it to determine where and how to store your files.
For a list and explanation of the various types of sensitive data that Fordham actively monitors for, via our DLP rules, please click here.
What does CloudLock do when it finds a file with protected and sensitive data?
If CloudLock finds protected or sensitive data in a file. You will receive an alert from “firstname.lastname@example.org” notifying you that the file was shared in an inappropriate manner. The file is not modified, but when you receive the alert it is advised that you perform the following steps:
- While viewing or editing the shared file, from the drop down menu, select File | Share
- Change the option “Anyone at Fordham University with the link can view” to “OFF – only specific people can access”
- In the “People” section add the names of the individuals you would like to share the file with