Improper Sharing of Sensitive Data
Collaboration Services and Information Security are using Cisco Cloudlock to detect publicly shared Google Drive files containing sensitive data, like social security numbers and credit card numbers. Starting May 22, 2017, Cloudlock will begin automatically revoking the public sharing from these files in Google Drive, and the document owner will receive an email notice from CloudLock.
If an improperly shared document containing sensitive information is detected, the owner of the document will receive a notification from Cloudlock with the following wording:
From: email@example.com@cloudlock-ops2.com via amazonses.com
Subject: IMPORTANT: Improper Sharing of Sensitive Information in your Google Drive
According to our security systems, it appears that you have shared a Google document containing social security numbers either publicly or domain-wide. To maintain the security of this data, we have removed one of the following sharing settings from your document: Public on the web; Public with a link, Domain-wide, or Domain-wide with a link.
<Name of the shared document with a link to the document>
If the data detected by our system was not a social security number, or there is a valid business reason to share this sensitive information publicly, or with everyone in the University, then please contact VCU Information Security, firstname.lastname@example.org.
For more information, contact Information Security, email@example.com or Doctor Gee, firstname.lastname@example.org