Learn about the different types of data you may encounter at Middlebury and how you should store and send them.

Understanding Security Levels

Middlebury uses a Data Classification Policy (DCP) to help identify and protect our data. There are three categories:

Highly Sensitive Data
Data with privacy and security requirements that exceed Middlebury’s normal security standards. This may include research-related restricted data sets and legal documents.
Sensitive Data
Data regulated by state or federal law or contractual obligation. This includes information like social security numbers, academic transcripts, and health records.
Private Data
Data not regulated by law, but that could result in civil action or reputation damage to Middlebury if inappropriately accessed. This data includes things like faculty manuscripts, budget information, and account credentials.
Public Data
All other data. This is information such as business addresses, marketing materials, or public websites.

Knowing what type of data you’re accessing and handling helps you make the appropriate decisions when it comes to sharing, storing, and transmitting. Check the Data Classification Policy to determine the appropriate security level any time you are unsure, or if you are handling a new type of data. Your department also has a Data Steward (usually the department head) who is responsible for protecting and managing access to the data handled in your area.

Choosing How to Store and Transmit Data

This table can help you decide what service you should use based on the data security class.

Security Classification Sharing Storing
Public Data Any Any
Private Data Middfiles/MIISfiles, Microsoft OneDrive Middfiles/MIISfiles, Microsoft OneDrive
Sensitive Data Contact us Contact us
Highly Sensitive Data Contact us Contact us

Contact us if you’re ever unsure about what services to use while handling data.

Need help with technology at Middlebury?

Submit a Ticket