Everyone in our community is responsible for the protection of our customers' privacy and their personal information. However, you don't need to understand the nuances of every privacy regulation currently affecting higher education to tackle data privacy issues on campus. Whether you are working on a data breach response plan, updating institutional policies, collaborating with researchers on a new project, or educating students, faculty, and staff about data privacy, consider teaming up with your institution's privacy officer(s). The privacy officer(s) will be more than happy to lend expertise and help make sure privacy, risk, and information security considerations are carefully weighed.

Know and understand your privacy policies.

• Privacy statements or notices may be included in third-party contracts or services offered to students, faculty, and staff (e.g., learning management systems used for classes).
• Also consider any third-party privacy policies or terms and conditions you may have agreed to as an individual (e.g., Facebook or any other third-party services or apps that aren't officially hosted by the institution through a signed contract).

Always start with privacy.

• Include privacy in the planning phase of all new projects.
• If you don't need personal information, don't collect it. You can always ask for more information later.
• Inform your customers about why you're collecting their personal information.

Keep and use data securely.

• Keep personal information confidential and limit access to the data.
• Make sure you're only using the data the way you said you'd use it. Ensure you get the customer's consent before you use it otherwise.
• Destroy or deidentify private information when you no longer need it.

"The Internet is a powerful and useful tool, but in the same way that you shouldn't drive without buckling your seat belt or ride a bike without a helmet, you shouldn't venture online without taking some basic precautions." This is an important reminder from the National Cyber Security Alliance that cybersecurity is everyone's responsibility as an individual and a member of our ever-growing online community. Here are some tips to keep in mind as we work together to create a better, safer digital world for ourselves and others.

• Own your online presence. To keep yourself safe, set privacy and security settings on web services, apps, and devices to your comfort level. You do not have to share everything with everyone. It is your choice to limit what (and with whom) you share personal information.
• Be a good digital citizen. The things that you would not do in your physical life, do not do in your digital life. If you see crime online, report it the same way that you would in real life. Keep yourself safe and assist in keeping others safe on the Internet.
• Respect yourself and others. Practice good netiquette, know the law, and do not do things that would cause others harm. The Golden Rule applies online, as well.
• Practice good communications. Never send an e-mail typed in anger. Put it in your draft folder and wait. Keep in mind that digital communications do not give the reader the same visual or audio cues that speaking in person (or by video or phone) does.
• Protect yourself and your information. Use complex passwords or passphrases, and don't reuse the same password or variations of a simple phrase. Better yet, enable two-factor authentication or two-step verification whenever possible.

Protect your tech and data when traveling:

• Travel only with the data that you need; look at reducing the amount of digital information that you take with you. This may mean leaving some of your devices at home, using temporary devices, removing personal data from your devices, or shifting your data to a secure cloud service. Authorities or criminals can't search what you don't have.
• Most travelers will likely decide that inconvenience overrides risk and travel with electronic devices anyway. If this is the case, travelers should focus on protecting the information that they take with them. One of the best ways to do this is to use encryption. Make sure to fully encrypt your device and make a full backup of the data that you leave at home.
• Before you arrive at the border, travelers should power off their devices. This is when the encryption services are at their strongest and will help resist a variety of high-tech attacks that may attempt to break your encryption. Travelers should not rely solely on biometric locks, which can be less secure than passwords.
• Make sure to log out of browsers and apps that give you access to online content, and remove any saved login credentials (turn off cookies and autofill). This will prevent anyone from using your devices (without your knowledge) to access your private online information. You could also temporarily uninstall mobile apps and clear browser history so that it is not immediately apparent which online services you use.

Get your device travel ready:

• Change your passwords or passphrases before you go. Consider using a password manager if you don't use one already.
• Set up multifactor authentication for your accounts whenever possible for an additional layer of security.
• Delete apps you no longer use.
• Update any software, including antivirus protection, to make sure you are running the most secure version available.
• Turn off Wi-Fi and Bluetooth to avoid automatic connections.
• Turn on "Find My [Device Name]" tracking and/or remote wiping options in case it is lost or stolen.
• Charge your devices before you go.
• Stay informed of TSA regulations and be sure to check with the State Department's website for any travel alerts or warnings concerning the specific countries you plan to visit, including any tech restrictions.
• Clear your devices of any content that may be considered illegal or questionable in other countries, and verify whether the location you are traveling to has restrictions on encrypted digital content.
• Don't overlook low-tech solutions:
  • Tape over the camera of your laptop or mobile device for privacy.
  • Use a privacy screen on your laptop to avoid people "shoulder surfing" for personal information.
  • Physically lock your devices and keep them on you whenever possible, or use a hotel safe.
  • Label all devices in case they get left behind!

These guidelines are not foolproof, but security experts say every additional measure taken can help reduce the chances of cybertheft.