Data Protection Best Practices

during COVID-19 Telecommuting

GW is committed to safeguarding regulated and restricted data even in these unusual circumstances.

Your first step is knowing the data you work with. Refer to the Data Classification Guide to determine its level of sensitivity.

As a general rule, regulated or restricted data should not be exported into spreadsheets or inserted into emails, instant messages or other forms of transmission. Data should remain in the enterprise systems or applications where it can be securely managed.



Use of computing equipment (Laptops, mobile devices)

Use your GW managed devices for University business.

If you do not have a GW managed device, data should not be downloaded or stored on your personally owned computer or mobile device.


Emailing

Data should not be emailed in an attachment, instead, use GW Box links or share via Google drive.

Personal email should not be used for conducting GW business.


Printing and Copying

Data should not be printed on any public device.

Make only the minimum necessary prints / copies.

Protect copies from unauthorized access or misuse.

When no longer needed, copies should be shredded, either at telework location if possible, or held in a secure manner for shredding at GW upon return to normal operations.


Contact [email protected] for further guidance.