If you are a website administrator you have a responsibility to safeguard personal information about students, faculty and others.
There have been several instances where website administrators inadvertently exposed sensitive information about people on the web. The following will help protect you and those you work with.
Some websites allow you to add “private” information. While this is a nice feature, it should not be used for any sensitive information.
Even if you put something on a website and mark it as private, someone else down the line might accidentally make it public, and once it is out there it is very hard to get back.
No software is 100% secure either, so there is always the chance of it being compromised. If you have any concern about the kind of information you are putting on your web site please err on the side of safety and don’t put it up.
If you need to share sensitive information use secure departmental file space, or sharepoint.
We find it very helpful to use what we call the Newspaper test. If there is any question about what to put on the web just ask yourself:
“Would I want this information on the front page of the newspaper?”
If the answer to this is no, then don’t put it online anywhere.
Below are a some more specific examples of things to not put online. There are, of course, others.
You can read more about UNC’s security policies for sensitive information here: http://help.unc.edu/6446
If you have any questions or need some help finding a solution for an information sharing need in your department please contact ITS-HELP by calling 962-HELP or submitting a ticket at http://help.unc.edu.