Principles for protecting Yale's data

The Yale University data security initiative is based on five key principles:

1. Know what data you have

The first step in secure computing is knowing what data you have, and what levels of protection are required to keep the data both safe from loss and confidential.

2. Scale down the data

Keep only the data you need for routine current business, and safely archive older data and remove it from all computers and other devices (smartphones, laptops, flash drives, external hard disks).

3. Lock up!

Physical security is key to safe and confidential computing. All the passwords in the world won't get your laptop back if the computer itself is stolen.

4. Data security is fundamental

Data security is crucial to all academic, clinical, and business operations at Yale. All existing and new business and data processes should include a data security review to be sure Yale data is safe from loss and secured against unauthorized access.

5. Plan ahead

Create a plan to review your data security status, create routine processes to archive unneeded data, and make sure you and your colleagues know how to respond if you have a data loss or data security incident.

Next →  Data scanning & inventories

---

Related topics

• Data scanning
• Secure file storage
• Sending & sharing data securely
• Physical security for computers
• Data security levels at Yale
• Glossary & A-Z index

Related University Policies & Procedures

• Yale computing security & access policies & procedures
• Policy 1601 - Information Access and Security
• Policy 1610 - Systems and Network Security
• Procedure 1610 - Systems and Network Security

Related online resources

• U.S. Government: OnGuard Online
• U.S. FTC - Avoiding Identity Theft
• U.S. FTC - Privacy Initiatives
• U.S. FTC - Protecting Personal Information: A Guide for Business