Information Protection @ MIT

Safe Storage

For hard copy (paper) items with PIRN that you need to keep, ensure that there is adequate physical security, such as a locked file cabinet with non-standard key, a lockable room, and/or office suite with swipe card access. Consult with MIT Police regarding options for enhancing physical security.

If you have electronic files with PIRN, there are significant technical safeguards you must have in place to protect the files against leakage. For example, if you have files with PIRN on a laptop or other portable device, then you must encrypt those files. MIT recommends PGP Desktop and FileVault as the tools that can be used to encrypt.

Transmitting Data

Transmitting files without adequate protection can also put data at risk. The Heartland Inc breach of 2008 is a recent example of a data breach that occurred when credit and debit card information was transmitted over an unencrypted connection.

See the Minimum Security Standards for more information on protecting electronic files on computers and in transmission.