ITS Online»Antivirus & Data Security»Digital Cleanup Program

Digital Cleanup Program

This program is a 3-day annual effort to identify and remove sensitive data or data that is no longer necessary.

Cleanup Goals

 

  • Identify sensitive or confidential data
  • Remove, redact, or report sensitive or confidential data
  • Remove unnecessary old and large files from network drives
  • Review Junk Email folders and Email Archive policies

Day 1: Identify Sensitive Data

Identity Finder is software that can find — and, after review, delete — sensitive personal information, such as Social Security numbers and credit card information, that is stored on a personal computer/file share.

Day 2: Remove Sensitive Data

After searching for sensitive data with Identity Finder, the data will need to be reviewed to determine whether the file can be deleted, redacted, or reported.

Day 3: Remove Unnecessary Files & Review Email Policies

Remove Unneeded Files

Many emails and files are saved and forgotten. Data that is no longer needed takes up valuable server storage space, backup disks, and may pose a security risk.

Review Junk Email and Automatic Archive Policies

In Outlook 2010 and newer, Microsoft automatically archives messages that are older than 2 years.  Archived messages are still searchable and easily accessible as long as you are connected to the Internet.

Now is also a good time to review your Junk Email folder.  Though there is a general spam filter in place for email, Outlook will also mark certain messages as “Junk” and move it to your “Junk Email” folder. 

Completion Survey

Once you have completed all components of the digital cleanup program, please fill out this survey.

Why is this important?

One prominent area of risk is threats to confidential, personal or proprietary data that could cause significant harm to individuals or to Penn if compromised. Federal and state laws, industry practices, and principles of data stewardship have all driven home the fact that individuals who create, use, or maintain Confidential University Data are responsible for adequate protection of that data.

Please ask yourself two questions while examining our storage systems (both in paper, and on our computers).

1.) If I won the lottery and never returned to work, would my successor understand my filing and directories systems and actually need the info I’m keeping there?

2.) Is it necessary I keep this for business purposes?

The Best Way To Protect Data Is To Not Have It

While much data at Penn is necessary to our every day operations and to serving our mission, there is a lot of data in offices and computer systems that is no longer needed nor required to be kept. This unnecessary data should be destroyed to protect the individuals whose data is in these files and to protect Penn.

Review Penn Policies

We have gathered together an Overview of Penn’s Security & Privacy Policies. Please take a look and keep up to date on these resources, but here are some policies relevant to the cleanup program:

Latest Tips

  • Image preview
    eduroam is a secured wireless network that allows students, faculty and staff to use their home institution’s credentials (for Penn affiliates, their PennKey) to access wireless network services, when visiting other eduroam participating institutions without having to set up a guest account.
  • Image preview
    Apple has released updates to address multiple vulnerabilities that have been discovered in Apple’s OS X, Safari, iOS, and Xcode products that could allow remote code execution.