News

Data Privacy Day 2025

Monday, January 27, 2025

Data Privacy Day 2025 is this week, challenging us to bring awareness of the importance of safeguarding our personal and institutional data. This gives us an opportunity to reflect on our data handling practices and to adopt new strategies to protect sensitive information.

New Transcription Services Document Added to the Knowledge Base

Monday, December 16, 2024

Transcription services are widely used across Indiana University. An article has been added to the IU Knowledge Base that contains a list of services that have been approved for use with restricted and critical data, with a focus on providers appropriate for research and health data.

Cybersecurity Awareness Month Wrap-up

Wednesday, October 30, 2024

Catch up on all the spooky, secure and scary safe ways to keep yourself and your data safe. Avoid getting phished, discover the ups and downs of AI, keep your eyes open for deep fakes and more all on the IT news website.

BTAA Cybersecurity Security Awareness Gameshow - Level up Your Cyber Game!

Tuesday, October 22, 2024

Today, good cyber skills are the new good life skills, and we're here to put your mind through the motions! Join us for a turbocharged gameshow and test your abilities! We will engage you with thrilling challenges and strategic quandaries. Come for essential info and practical techniques to safeguard your digital life after the stadium lights have dimmed. COLLEGE GAMEDAY EDITION: Compete against your campus rivals for ultimate bragging rights and victory!

Three Best Practices for Data Privacy Day 2024

Sunday, January 21, 2024

Data Privacy Week 2024 has begun around the world to help remind us of the importance of protecting our personal data. This week gives us an opportunity to evaluate the choices we make with our personal information, and how we interact with institutional data as part of our jobs at IU. Here are a few tips to consider in 2024 to help protect personal data at IU.

Previous Years

AI at IU: Enhance learning, teaching, and productivity

Tuesday, November 28, 2023

Generative artificial intelligence opens exciting possibilities for the IU community. Its ability to create content, code, analyze data, and more can help you uncover discoveries and solve problems with speed and elegance. That is why UITS has launched a new service page where you can find information on how to leverage AI for your goals.

Cybersecurity Awareness Month 2023

Thursday, October 12, 2023

October 2023 marks 20 years of Cybersecurity Awareness Month.

Watch for changes to Duo on August 1

Tuesday, July 18, 2023

On Tuesday, August 1, we will be enabling Duo Verified Push for all IU staff for services including IU Login. Duo Verified Push provides additional protection against attackers sending unsolicited Duo pushes to you trying to gain access to your IU account.

New security measures in place when creating Teams

Wednesday, July 12, 2023

Any Microsoft Teams team must be created using IU's Institutional storage request form. To help with this process, a “New Team” button will be added to the left menu Starting July 12, linking directly to the form. This change helps safeguard new teams and their institutional data, while providing naming conventions and tools for storage owners and the IU community. IU will be working with Microsoft to remove the previous “Join or create a team” button during Fall 2023 to help reduce confusion.

Generative AI and your privacy

Wednesday, June 14, 2023

Generative AI tools, such as ChatGPT, are being explored by the IU community for their many applications. The Privacy Office encourages you to take precautions when sharing personal information with these tools, as your content may be regenerated and shared with other users.

ChatGPT at IU

Friday, April 14, 2023

Chat Generative Pre-trained Transformer (ChatGPT) is an online model designed to mimic human interaction via text conversation. Learn about how it can and cannot be used at IU.

Managing event data at IU

Monday, April 10, 2023

Indiana University hosts many events that may include the collection of personal information during the registration process. Personal information that is collected for an IU-hosted event is classified as restricted data and should not be shared with others without consent from the participants. Even if it doesn't fall under the university’s definition of institutional data, it is important that there are safeguards in place to protect the information from unauthorized access.

Finding your files in M365 storage

Tuesday, February 28, 2023

In the past, storage was simple. You saved a file on your hard drive, made a backup, and hoped that neither would fail and result in you losing your files. These days at IU, we have migrated our server-based storage to cloud storage providers. First it was Box, then it was Google and Microsoft, and now, it's predominantly Microsoft storage. My goal with this article is to give you some sure-fire tips for finding files saved within Microsoft cloud storage.

Three Best Practices for Data Privacy Day 2023

Tuesday, January 24, 2023

In recognition of International Data Privacy Day, the University Information Policy Office has three simple steps to help you protect IU’s institutional data and to create a safer computing environment for the entire university community.

Sensitivity label policy for Power BI at IU

Thursday, November 17, 2022

Starting January 31, 2023, Indiana University will require the use of sensitivity labels in Power BI to guard your sensitive content against unauthorized data access and leakage.

Storing or sharing restricted or critical data at IU

Monday, September 26, 2022

The University Information Policy Office (UIPO) would like to remind current storage owners and those who might request new storage locations that you MUST use the Institutional Storage Request Form if storing or sharing restricted or critical data classifications on Google or Microsoft at IU storage platforms.

Introducing Secure Share

Wednesday, August 03, 2022

Starting September 30, 2022, Slashtmp will go into read-only, and all users will need to transition to using Secure Share to send files.

Google storage changes in 2022

Wednesday, March 23, 2022

Google has announced placement of caps on storage use, at 30% of the current total data stored in the IU Google instance. As a result, the university must limit the total storage footprint used by all IU services in Google systems to avoid drastically increased costs.

Data Privacy Day 2022 is January 28

Friday, January 21, 2022

Don’t forget that international Data Privacy Day is January 28. It is always a good time to reaffirm your acceptable use agreement and update your required compliance training for the year. We appreciate your continued efforts in making data protection and privacy a priority; you play a key role in ensuring the confidentiality, integrity, and accessibility of the data we collect at IU.

The 2022 Data Protection and Privacy Tutorial is now available

Thursday, January 20, 2022

The 2022 Data Protection and Privacy Tutorial is now available in Canvas. We encourage all employees to take a look at the new content and complete the quiz to obtain a certification. We recommend this as a standard training for all new employees or for anyone looking for a refresher. It is a good introduction to privacy and highlights best practices for managing institutional data at IU.

Manage my storage tool For Teams and Shared Drive

Monday, August 23, 2021

The UIPO would like to announce that a new storage management tool that is now available within the IU Institutional Storage request form. Current storage owners or those who request new storage locations will have access to make modifications to their Microsoft Teams or Google Shared Drives.

Tech tips for returning to campus

Tuesday, July 20, 2021

As you gear up for returning to campus in August, here are a few tech tips for consideration.

Fireform approved for critical data

Thursday, August 27, 2020

The data stewards recently approved Fireform for collection of critical data with the exception of PCI (credit card, banking payment card industry) data.

New Institutional Storage Request Form is available

Thursday, July 30, 2020

In preparation for the Box retirement, we have new storage services available for institutional data in both the Microsoft and Google environments. To request a new storage location for upcoming projects, you may submit a request using the form at storage.iu.edu. We do recommend consulting with your IT Staff first to see if they have already setup new storage locations for your department.

Remote work safety tips

Wednesday, April 29, 2020

As many of us continue to work from home or a remote location, it is important to remain vigilant in our security practices and to safeguard the data we manage on a daily basis. Read more on the Knowledge Base about how to keep working from remote locations.

Zoom Security and Recording Guidance

Friday, April 17, 2020

Zoom at IU offers several features and options that can help you maintain the integrity of your Zoom meeting or webinar. For tips to help secure your Zoom meeting and for additional information about recording and securing HIPAA and FERPA protected information, see the KB article: Prevent Zoombombing using Zoom privacy and security features.

Box Retirement, Where to store restricted and critical data

Thursday, March 19, 2020

As part of the Box retirement migration, both Microsoft storage and Google enterprise storage will be available for Restricted data and certain types of Critical data. Future communications will provide the timeline for when these environments will be ready for this type of institutional data. Pre-approved solutions (similar to Box Health and Box Entrusted) are being evaluated. For details, see the KB article: About dedicated file storage services and IT services with storage components appropriate for sensitive institutional data, including research data containing protected health information.

Google’s Hangouts Chat is approved for Public and University-Internal information

Thursday, February 21, 2019

Hangouts Chat (a Google GSuite application) has been approved by the UDMC as a replacement for Google Chat and may be used to share documents containing public and university-internal information. Hangouts Chat should not be used for sharing information classified as restricted or critical.

New Box Drive feature, "Mark for Offline" (MfO) is approved to replace Box Sync

Wednesday, February 06, 2019

A new feature in Box Drive, “Mark for Offline” (MfO), has been approved by the UDMC as a replacement for current Box “Sync” functionality which is expected to be retired by the end of 2019.

MS Online, PHI and BHDA

Thursday, January 31, 2019

Users working with protected health information (PHI) will be glad to know the University Data Management Council (UDMC) has approved the use of MS Office Online when working with documents stored in Box Health Data Accounts (BHDA). This approval comes after receiving a signed Business Associate Agreement (BAA) from Microsoft and the completion of a HIPAA alignment review. MS Office Online continues to be available for working with other types of documents stored in Box.

Crimson Card Photo

Tuesday, January 23, 2018

Recent discussions with the University Data Management Council (UDMC) and a group of Data Stewards has resulted in the Crimson Card Photo being classified as “Restricted” institutional data. Use of the photo is governed by the DM-01 Policy. The CrimsonCard Policy was also updated to add this restriction.

Required update to Acceptable Use Agreement

Tuesday, October 03, 2017

Recently, the University Data Management Council reaffirmed an interest in requiring a periodic re-assent to our acceptable use agreements, and sought approval for a CAS interrupt requiring users to re-assent on a two year basis. This was approved and implementation is expected in the first half of 2018.

Software and Services Selection Process

Tuesday, October 03, 2017

UITS is collaborating with the Office of Procurement Services to conduct expedited reviews for new software and cloud services requests from units. This Software and Services Selection Process (SSSP), ensures that existing IU software and services are fully leveraged whenever possible, that threats to IU data are minimized, and that the unit understands all resulting costs and risk choices before the desired solution is purchased.

Hacked: A Case Study

Saturday, August 12, 2017

Here is a summary of an incident at the University of Michigan, and what was learned to avoid incidents such as these in the future.

New Data Stewards and Rotating Members of UDMC

Tuesday, June 06, 2017

There has been an announcement of three new Data Stewards and two rotating members of University Data Management Council (UDMC).

Storage of Institutional Data Documents at IU Warehouse

Thursday, April 13, 2017

IU Warehouse is no longer considered a secure site for storage of Institutional Information classified as Critical, Restricted or University Internal.

VIDEO: San Francisco area hit by rash of 'fiber cuts'

Saturday, February 04, 2017

CDS Approved an Updated Institutional Data Standards Checklist

Friday, October 21, 2016

The CDS reaffirmed the requirement for system owners of new services and platforms to complete the Institutional Data Standards checklist for any services/platforms hosting critical data. Data Stewards may also require completion of this checklist for systems hosting restricted data. It is recommended that system owners conduct an optional self-assessment for services hosting only public and university-internal data.

CDS determined that passphrases and digital signature certificates do not meet the definition of institutional data

Friday, October 21, 2016

This decision was based on recommendations from UIPO and UISO after discussion at the October 20th CDS meeting. They will therefore be managed as other information technology safeguards.

IU Release of Student Information Policy Changes

Thursday, May 19, 2016

IU is no longer releasing student addresses or phone numbers to the public. A student's street address and phone number are no longer considered public information, or listed as part of the FERPA directory information at IU.

Data Stewards Approve Google Apps for Education for Restricted Institutional Data

Wednesday, April 27, 2016

After lengthy discussions and development of a list of considerations which must be met, the Committee of Data Stewards has approved the use of data classified as Restricted in Google Apps for Education.

Critical Data Guide Hard Copies Now Available For Request

Thursday, March 24, 2016

In the past, the University Information Policy Office (UIPO) has provided hard-copies of the “Protecting Red Hot Data” (“flippy book“) containing a practical guide to how to appropriately collect, store, transmit and dispose of critical data. UIPO has recently updated and reformatted the flippy book into a new pocket-sized reference guide.

Third-Party Assessment (3PA) process improvements underway

Thursday, March 10, 2016

As the demand for third-party assessments continues to grow it is necessary to update the process to strengthen risk analysis and realize efficiencies. The first step is a major modification to the review process and will be supported by a new version of the Data Inventory documentation instrument. A pilot is underway to evaluate expected process benefits. Although process improvements will continue for a while, the new review process should be implemented in Q2 of 2016.

Data Breach Results in Misdirected Payroll at ISU

Wednesday, March 02, 2016

Thirteen faculty and staff members at Illinois State University were the apparent victims of an information breach that allowed someone to divert their direct deposit payroll payments to another account, according to university officials.

IU cyber security expert says government likely to win court battle with Apple, but he's not sure it should

Friday, February 26, 2016

Per the Herald Times, a cyber security expert at Indiana University expects a federal court to rule in favor of the FBI in its dispute with Apple Inc. over unlocking an iPhone, but he’s not so sure it should.

Office 2016 Distribution Approved

Thursday, February 18, 2016

The Committee of Data Stewards approved the distribution of Office 2016 and One-Drive for University Internal and Public data at the February Committee meeting. They also recommended that UITS develop a training module to educate users on the appropriate uses for Office 365.

Upgrades to Enterprise Information Governance System (EIG)

Wednesday, February 17, 2016

Attention Data Stewards and Data Managers: The EIG system will be undergoing an upgrade on February 18th.

Showdown in Europe over privacy has U.S. firms ducking for cover

Friday, February 05, 2016

The free flow of data across the Atlantic, the lifeblood of modern business dealings, faces an uncertain future, despite a belated, high-level deal between European and U.S. officials this week.

EU-US Reach Agreement on Privacy Shield

Tuesday, February 02, 2016

EU Commission and United States agree on new framework for transatlantic data flows: EU-US Privacy Shield.

U of Big Brother?

Monday, February 01, 2016

In an article from Inside Higher Ed, U of California professors object to new system -- installed secretly -- to monitor emails and use of computer networks. University cites security needs and pledges to protect privacy.

U.S. and Europe Fail to Meet Deadline

Sunday, January 31, 2016

This article by the New York Times goes into details over a failed agreement about how digital information should be shared between the U.S. and Europe.

Network-Security Measures at UC Raise Some Professors’ Fears of Snooping

Sunday, January 31, 2016

The University of California at Berkley installed the new hardware for cybersecurity purposes after a data breach last July. Officials say they have no intention of using it to monitor emails, and that policy forbids them to do so.

Data Privacy Day 2016

Thursday, January 28, 2016

Data Privacy Day 2016 had a focus on staying safe online, with resources from several social media platforms.

What is Privacy?

Monday, January 25, 2016

From Chief Data Officer Sara Chambers, some definitions of privacy throughout history.

CDS Approves DSI role-based access plan

Thursday, December 17, 2015

At the December Committee of Data Stewards meeting UITS staff presented a proposal for how Role-Based Access Controls would be configured and managed within the Decision Support Initiative. The CDS approved the proposed approach as part of their continuing commitment to development of role-based access.

Box Entrusted Data Accounts approved

Tuesday, December 08, 2015

Box was approved, using Box Entrusted Data Accounts (BEDA), to store and appropriately share institutional information classified as restricted. It is strongly recommended that any Restricted institutional data in Box be in a BEDA.

Box Health Data Accounts approved

Tuesday, December 01, 2015

Box was approved, using Box Health Data Accounts (BHDA), to store and appropriately share approved protected health information (PHI). Box has not been approved for storage and sharing of other critical data at this time.

Google Deceptively Tracks Students - goes against Student Privacy Pledge

Tuesday, December 01, 2015

EFF Launches 'Spying on Students' Campaign to Raise Awareness About Privacy Risks of School Technology Tools.

Work in finance or accounting? Watch out for 'whaling' attacks

Tuesday, December 01, 2015

These emails are tricky to detect, security firm Mimecast warns.

10 higher education buzzwords and phrases

Tuesday, November 17, 2015

If you still think MOOC is a buzzword, you couldn’t be more wrong. Here are the higher education buzzwords and phrases that some like to call “edubabble.”

Email phishers target IU students

Tuesday, November 10, 2015

In carefully crafted emails, hackers can pose as the University, University Information Technology Services or even students to request private information, such as account passwords, an IU passphrase, telephone numbers and more. It’s what email phishers use to gain access to personal accounts, such as those for banking or university information.

Are the Mobile Ad-Blocking Wars Already Over?

Tuesday, October 27, 2015

The Atlantic: The organization that sets the guidelines for online ads has capitulated and announced a “leaner” standard.

Decision Support Initiative to design role-based access

Thursday, October 15, 2015

The Data Stewards are working with the Decision Support Initiative to design role-based access.

Kent Wada receives California’s Privacy Leadership in Education Award

Wednesday, October 07, 2015

UCLA chief privacy officer and director of strategic IT policy, is the 2015 recipient of the Privacy Leadership in Education Award, given by the California Information Security Office. The award honors an individual who has made extraordinary contributions toward the advancement, quality and effectiveness of privacy in their organization or for the state.

This Magic Moment: Reflections on Cybersecurity

Monday, September 28, 2015

National Cyber Security Awareness Month (October) provides those engaged in cybersecurity a chance to discuss the importance of security safeguards. This article takes a look at the state of cybersecurity in higher education.

Googles Grant awarded to Penn State to Research Privacy Issues

Thursday, September 24, 2015

Adam Smith, associate professor of computer science and engineering in Penn State's School of Electrical Engineering and Computer Science, has received a grant from Google to investigate privacy issues in a state-of-the-art training technique called deep learning.

Op-Ed: College kids have too much privacy

Tuesday, September 08, 2015

The Department of Education’s original intentions were admirable. Even though privacy is still a precious asset, the question is why should parents be tossed into the same category as perfect strangers?

IU expert offers tips on protecting personal data

Friday, August 28, 2015

Center for Applied Cybersecurity Research director Von Welch helps navigate the world of cybersecurity.

Facebook's Use of Facial Recognition Tool Draws Privacy Ire

Saturday, July 25, 2015

Facebook says this new feature enhances the user experience. But privacy advocates say the company’s technology — which was shut off in Europe and Canada after concerns were raised — should only be used with explicit permission.

Bitcoin's 'New Frontier' of Cybercrime Explored at Barcelona Event

Thursday, May 28, 2015

Bitcoin attackers present "a new frontier" for cybercrime, a gathering of top security specialists heard in Barcelona this week.

The Chief Privacy Officer in Higher Education

Monday, May 11, 2015

Until recently, the chief privacy officer (CPO) role was more likely to be found in the private sector versus in higher education. Yet over the past few years, colleges and universities have begun to hire a growing number of CPOs to devote time and attention to ubiquitous concerns about privacy and data protection on campus.

How Will Tech Companies Address Issues of Student Privacy?

Wednesday, January 25, 2015

Companies like Apple and Google participating in a privacy pledge points to the active debate surrounding the usage of technology in schools and the tangle of data privacy issues that tech companies, school districts, and regulators are just beginning to address.

Google's Privacy Issues

Wednesday, May 16, 2012

OPINION: I believe, as I have believed for some time, that more active regulation of Google is warranted. Google has demonstrated that it cannot be trusted. In fairness, no one could be trusted or should be trusted with so much power.

Data Privacy Day 2012

Friday, January 27, 2012

At Data Privacy Day 2012, real-life scenarios were presented to help viewers better understand how to comply with FERPA at IU.

IU Data Management

News

BTAA Cybersecurity Security Awareness Gameshow - Level up Your Cyber Game!

Previous Years

Site Navigation

Contact US

University Data
Management Council

News

BTAA Cybersecurity Security Awareness Gameshow - Level up Your Cyber Game!

Previous Years

2023

2022

2021

2020

2019

2018

2017

2016

2015

2012

Site Navigation

Contact US

University DataManagement Council

University Data
Management Council