Protecting Privacy and
Security on Penn + Box
September 10, 2013, Volume 60, No. 4
Another tip in a series provided by the
Offices of Information Systems & Computing and Audit, Compliance & Privacy.
Using Penn+Box is a great way to access your documents from any connected device, to facilitate collaboration, and all with much better protection for your data than services such as DropBox and Google Drive.
Here are some privacy and functionality tips:
Getting Started: Sign up with your Penn Key and password through http://upenn.box.com, then install the Box Edit and Box Sync apps.
Add a Co-Owner: Assign a Co-Owner for each collaboration folder you create on Penn+Box to help on any business continuity issues that may arise.
Collaborator Privileges: The default setting for your folders is "private." Folders (and the documents in them) only become available to others when you invite people as "collaborators." Consider the data, who the collaborators are, what role collaborators play, and whether they use secure devices when assigning access privileges. For example, choose to make your collaborator a:
• "Co-Owner" or "Editor": for trusted individuals, who need to work with the documents, and whose devices are known to be secure.
• "Previewer Uploader": for individuals who need view and comment on documents, but do not need to edit or download files.
Mobile Devices: If you are regularly accessing your Box files from a mobile device, make sure your device is "managed" or apply equivalent security settings (e.g., auto-lock, auto-wipe, etc.). See www.upenn.edu/computing/security/checklists/Top10/Top_10_Tips_for_Smartphones.php
Box Sync and Computer Security: Box Sync allows you to sync your Box folders to folders on your computer's hard drive. Make sure that computer or other device is secure.
Talk to your Local Support Provider (LSP) if using Box Sync.
Data Sensitivity: In spite of strong contractual protections and smart configurations, there is still some data that should not be housed on Box due to regulatory constraints. See www.upenn.edu/computing/security/cloud/box_data_usage.php.
Questions? Contact firstname.lastname@example.org.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/