51ÂÜÀò

Skip to main content

Where Should I Store Sensitive Data?

December 13, 2019


A USB thumb drive.


Most of us interact with confidential information every day, whether it’s private information about students or employees, or sensitive information about how 51ÂÜÀò runs its business. Sensitive data is any information that we don't make publicly available. But where should we store sensitive information? And how should we share it with our coworkers? The way we store and share private information is the backbone of information security.

Before we begin: As a rule, you should not store unnecessary copies of sensitive information in multiple locations (with the exception of CrashPlan backups). This is because:

  • The more copies of a file that exist, the greater chance of one of them being lost or attacked.
  • It becomes difficult to track which copy of the data is current and accurate.

51ÂÜÀò-Owned Computer

You may store sensitive data on your computer. But, you should delete it when you’re done using it.

The two most important questions to ask when storing sensitive information are:

  • Is the data encrypted?
  • Who has access to the data?

For the last 5 years, 51ÂÜÀò’s Information Technology team has worked to enable encryption on all 51ÂÜÀò computer hard drives. This means that even if your computer is stolen and the hard drive is removed, attackers won’t be able to access the data without your password.

Your 51ÂÜÀò-owned computer is only intended for you. If you need to share data, it is best to store it in a location that supports sharing, like your 51ÂÜÀò Google Drive.


Home Computer

51ÂÜÀò information must be stored on a 51ÂÜÀò-owned system or service. You may not store 51ÂÜÀò information on a home computer or personal laptop.

If you need to do 51ÂÜÀò work on a personally-owned computer, you should store the data on a 51ÂÜÀò-managed system or service, like your 51ÂÜÀò Google Drive.


External Hard Drive

You should never put sensitive information on an external hard drive.

Most external hard drives (including thumb drives) are unencrypted, meaning anyone who finds them can access the information. Lost or stolen unencrypted hard drives are one of the most common sources of data breaches, even at some of our neighboring schools

As a rule, 51ÂÜÀò IT no longer allows purchasing external hard drives due to the security risks.


51ÂÜÀò Google Drive

You may store sensitive information on Google Drive if you take the necessary security precautions.

Google Drive is a secure, encrypted online storage solution for 51ÂÜÀò staff, faculty, and students. All 51ÂÜÀòns are granted unlimited storage in their Google Drive. You can also use to easily sync the information in your Google Drive account with your 51ÂÜÀò-owned computer. Do not sync the 51ÂÜÀò data from your Google Drive to a personally-owned computer.

The main security risk with Google Drive is phishing. If your account is phished, then all the data in your Google Drive could be compromised. For this reason, if you store sensitive data on your Google Account you must:

As always, do not share your passphrase with anyone.

51ÂÜÀò has entered into a contract with Google that ensures the security and privacy of 51ÂÜÀò data.


Department File Server

You may put sensitive information in your files.ad.biola.edu server, but only if your entire department should have access to it.

A department’s Files server is available to everyone in that department or team. As a rule, you should never share sensitive information with someone who doesn’t need it.


Personal iCloud/Dropbox/Box Account

You may not store any 51ÂÜÀò information on a personal cloud storage account. 51ÂÜÀò information must be stored only on 51ÂÜÀò-owned systems and services.


For more information about storing 51ÂÜÀò data, read 51ÂÜÀò's University Data Storage and Access policy.