SharePoint Security Statement
- Even though specific SharePoint sites or items may be password protected, SharePoint is an Internet-connected server which means that anyone in the world can generally contact the server and attempt to log in.
- Anyone, anywhere in the world, with the correct username and password can access information on the SharePoint server (i.e. data within SharePoint is a username and password away from anyone on the Internet).
- There are two kinds of data to consider:
- Restricted and Sensitive Data
- Generally, this type of data should not be placed in SharePoint.
- Intellectual Property that is not restricted, but should remain private
- This type of data may be placed in SharePoint at the discretion of project leaders.
- Restricted and Sensitive Data
- In general, if you are concerned about liability or legal ramifications, you should not place the data in SharePoint. If you want to share restricted or sensitive data with a group, please consider using Purdue’s FileLocker sytem: https://filelocker.purdue.edu. While FileLocker is not as flexible as SharePoint, it is secure and encrypts data.