Confidential or Sensitive Data on a Share
This article applies to: Shared File Services
Shared File Services can be used to store HIPAA data in compliance with the HIPAA Administrative Simplification Regulation Text.
HIPAA data storage must also meet the requirements for Confidential (below).
Shared File Services can be used to store Confidential data as defined by Cornell Policy 5.10, with the following limitations:
- CIFS shares from SFS may be configured to store Confidential data as defined by Policy 5.10 Information Security.
  - Note: Confidential data is only allowed on specially configured shares.
- NFSv3 shares/exports which are Campus-facing are not allowed to store Confidential data due to the lack of encryption on both the session-authentication and the data flow.
Sensitive information is not allowed in file names or directory names. This example links a person to their SSN and a credit card and a driver’s license and would not be allowed.
As defined in Cornell Policy 5.10, there is a substantial set of requirements which must be fully met in order to store confidential data on Shared File Services. While the service itself is configured to meet the “Baseline Requirements Specific to Application and File Servers,” the majority of the requirements are the responsibility and liability of the SFS customer to identify and meet.
A partial list of the requirements you must meet includes:
- Access to confidential data is logged.
- Failed access attempts are logged.
- Quarterly, verify that only authorized accounts have access to confidential data.
- Systems are scanned with a data discovery tool semiannually.
- Confidential data is encrypted on any system not located on one of the Cornell campuses or other formal university location.
- Confidential data is encrypted on any laptop, netbook, tablet, smart phone, PDA, or other mobile device.
- Confidential data should be removed from file servers when it is no longer needed.
- Any system holding or accessing confidential data that uses a wireless connection must use security equivalent to, or stronger than, Eduroam.
- The unit maintains an inventory of all systems holding confidential data.
- The inventory is reviewed at least every six months.
- The unit inventory is filed with the local IT head and the unit Security Liaison.
- Workstations, desktops, laptops, and servers are included in this inventory.
- The inventory includes, or the unit is able to retrieve/derive, the following attributes: date of inclusion, date of last review, assigned user or administrator, role of assigned user and system, physical type of system, OS, hostname, IP, MAC, make/model/SN, Cornell asset tag, number of external drives, backup method.
Note: This is a partial list of requirements derived from the policies listed below.
When you order a share from SFS for confidential data storage you are electronically testifying that you have read, understood, and agree to comply with all pertinent Cornell policies regarding the storage of confidential information. These policies include, but are not limited to:
- Policy 4.12, Data Stewardship and Custodianship
- Policy 5.10, Information Security
- Policy 5.3, Use of Escrowed Encryption
- Policy 5.4.2, Security Incidents
- HIPAA Administrative Simplification Regulation Text
SFS confidential shares are not intended to be used for Sensitive data which does not require the level of protection required by Cornell Policy 5.10 for a variety of reasons, including:
- Ongoing Work: The security/auditing requirements in Cornell Policy 5.10 require substantial ongoing work by you. This work is reduced by using storage appropriately.
- System Resources & Expense: Auditing of confidential data on SFS requires additional system resources, which correlate to the fees we charge. For this reason, the additional CIFS Audit Log shares are billed at a higher rate than standard shares.