SharePoint Security Statement

1. Even though specific SharePoint sites or items may be password protected, SharePoint is an Internet-connected server which means that anyone in the world can generally contact the server and attempt to log in.
2. Anyone, anywhere in the world, with the correct username and password can access information on the SharePoint server (i.e. data within SharePoint is a username and password away from anyone on the Internet).
3. There are two kinds of data to consider:
   1. Restricted and Sensitive Data
      1. Generally, this type of data should not be placed in SharePoint.
   2. Intellectual Property that is not restricted, but should remain private
      1. This type of data may be placed in SharePoint at the discretion of project leaders.
4. In general, if you are concerned about liability or legal ramifications, you should not place the data in SharePoint.  If you want to share restricted or sensitive data with a group, please consider using Purdue’s FileLocker sytem:  https://filelocker.purdue.edu.  While FileLocker is not as flexible as SharePoint, it is secure and encrypts data.