Cybersecurity: Our Shared Responsibility

Security is a shared responsibility. We all have a part to play.

All Berkeley data is assigned a “Protection Level” - even emails and Google docs! That’s because the information kept within has value.

  • Are you doing research involving human subjects? 
  • Do you have a spreadsheet with student IDs on your computer?
  • Are you emailing students regarding advising information? 
  • Do you have donor or alumni information on your computer?
  • Do you work with other people's personal information 

If you answered yes to any of these questions, then you work with data that requires special handling. And these are just a few examples of data that are considered "Protected Data"! Learn more about Data Classification Standard and which types of data are considered Protected.

The Information Security Office treats systems hosting P3 and P4 data differently by protecting them through special firewalls, scanning, log review, amongst others.

But it’s up to you to protect this data properly on your devices.

Here is what you can do:

  • Start thinking about if you have Protected Data and where you store P3 and P4 data: On your computers? On file servers? In Box or Dropbox or other cloud services? On backup drives? On USB thumb drives?
  • If you have P3 or P4 data on laptops, thumb drives or USB backup drives or other devices that can be easily lost or stolen, consider moving that data to a more secure location. If you can't move it, make sure your devices are encrypted!
  • If you have P3 or P4 data in any cloud services like Dropbox, make sure that you have multi-factor authentication (like Duo!) enabled for those services.
  • If you have P3 or P4 data that you no longer need to keep (e.g., old communications with students about courses or advising), consider purging those messages or archiving them to a secure location if they need to be preserved.


Learn more with our videos, posters, flyers, and articles.