吉祥坊

Confidential Box is 吉祥坊鈥檚 secure solution for storing Confidential Level 1 data.听听

Confidential Box has the same features as听my吉祥坊box听plus DUO multi-factor authentication. Multi-factor authentication (MFA), also known as dual-factor or two-step authentication, is the process in which a user accesses a computer system or software application using two forms of authentication to log in.听

If you are storing or planning to store confidential data in the cloud, you should use Confidential Box. You should not store听unencrypted听confidential data in your regular my吉祥坊box account.听Learn more about protected data here.听

Access Confidential Box via the button below and log in with your standard 吉祥坊 credentials.

Be sure you are logged out of my吉祥坊box before you log into Confidential Box. When you鈥檙e logged in, you will see a 鈥淐onfidential Box鈥� logo on the upper left. To share files in Confidential Box, all users must be classified as confidential data users. Files shared in your Confidential Box can only be shared with other 吉祥坊 Confidential data users. Additionally,听syncing听is not permitted. Users should also be connected to the campus network or VPN when accessing Confidential Box.

CSU Data Classification听(Descriptions and Examples)听

This page describes the three levels of data classification that the University has adopted regarding the level of security placed on the particular types of information assets.听 The three levels described below are meant to be illustrative, and the list of examples of the types of data contained below is not exhaustive.听 Please note that this classification standard is not intended to be used to determine eligibility of requests for information under the California Public Records Act or HEERA.听 These requests should be analyzed by the appropriate legal counsel or administrator.

Level 1 鈥� Confidential

Access, storage and transmissions of Level 1 Confidential information are subject to restrictions as described in CSU Asset Management Standards. Information may be classified as confidential based on criteria including but not limited to:

a)听听听听 Disclosure exemptions - Information maintained by the University that is exempt from disclosure under the provisions of the California Public Records Act or other applicable state or federal laws.

b)听听听 Severe risk听 - Information whose unauthorized use, access, disclosure, acquisition, modification, loss, or deletion could result in severe damage to the CSU, its students, employees, or customers. Financial loss, damage to the CSU鈥檚 reputation, and legal action could occur.

c)听听听听 Limited use - Information intended solely for use within the CSU and limited to those with a 鈥渂usiness need-to know.鈥�

d)听听听 Legal Obligations - Information for which disclosure to persons outside of the University is governed by specific standards and controls designed to protect the information.

Examples of Level 1 鈥� Confidential information include but are not limited to:

• Passwords or credentials that grant access to level 1 and level 2 data
• PINs (Personal Identification Numbers)
• Birth date combined with last four digits of SSN and name
• Credit card numbers with cardholder name
• Tax ID with name
• Driver鈥檚 license number, state identification card, and other forms of national or international identification (such as passports, visas, etc.) in combination with name
• Social Security number and name
• Health insurance information
• Medical records related to an individual
• Psychological Counseling records related to an individual
• Bank account or debit card information in combination with any required security code, access code, or password that would permit access to an individual's financial account
• Biometric information听
• Electronic or digitized signatures
• Private key (digital certificate)
• Law enforcement personnel records
• Criminal background check results

Level 2 鈥� Internal

Access, storage and transmissions of Level 2 - Internal Use information are subject to restrictions as described in CSU Asset Management Standard.

Information may be classified as 鈥渋nternal use鈥� based on criteria including but not limited to:

a)听听听听 Sensitivity - Information which must be protected due to proprietary, ethical, contractual or privacy considerations.

b)听听听 Moderate risk - Information which may not be specifically protected by statute, regulations, or other legal obligations or mandates but for which unauthorized use, access, disclosure, acquisition, modification, loss, or deletion of could cause financial loss, damage to the CSU鈥檚 reputation, violate an individual鈥檚 privacy rights, or make legal action necessary.

Examples of Level 2 鈥� Internal Use information include but are not limited to:

• Identity Validation Keys (name with)
  • Birth date (full: mm-dd-yy)
  • Birth date (partial: mm-dd only)
• Photo (taken for identification purposes)
• Student Information-Educational Records not defined as 鈥渄irectory鈥� information, typically:
  • Grades
  • Courses taken
  • Schedule
  • Test Scores
  • Advising records
  • Educational services received
  • Disciplinary actions
  • Student photo
• Library circulation information.
• Trade secrets or intellectual property such as research activities
• Location of critical or protected assets
• Licensed software
• Vulnerability/security information related to a campus or system
• Campus attorney-client communications
• Employee Information
  • Employee net salary
  • Home address
  • Personal telephone numbers
  • Personal email address
  • Payment History
  • Employee evaluations
  • Pre-employment background investigations
  • Mother鈥檚 maiden name
  • Race and ethnicity
  • Parents鈥� and other family members鈥� names
  • Birthplace (City, State, Country)听
  • Gender
  • Marital Status
  • Physical description
  • Other

Level 3 鈥� General

Information which may be designated by your campus as publicly available and/or intended to be provided to the public.听

Information at this level requires no specific protective measures but may be subject to appropriate review or disclosure procedures at the discretion of the campus in order to mitigate potential risks.

Disclosure of this information does not expose the CSU to financial loss or jeopardize the security of the CSU鈥檚 information assets.听

View Reasons to use my吉祥坊box

Sign in to听/听with your 吉祥坊 user ID and password. Once you are logged in to your account, add collaborators and begin collaborating using a user's听userID@csun.edu.听If you don't know the user ID, search for the user within Box or request it from the user.

Individual Accounts听

If you are a 吉祥坊 student, faculty or staff, you are automatically issued an individual my吉祥坊box account. Use your individual account to store and share files that belong to you.听

Group Accounts

Divisions, colleges, departments, and other groups such as committees can obtain a group account by contacting the听IT Help Center. Use group accounts to store and share files that belong to the group. If you have been granted access to a group account, it will appear as a folder with the group's name when you log in to听my吉祥坊box.听

Best Practices for Group Accounts听

• Owning a group account听and adding group members听鈥� Each group account should have at least two co-owners; they are responsible for adding group members and owners for any subfolders.
• Naming your group account听and creating subfolders听鈥� The IT Help Center will use your division, college, department, or committee's name for your group account's name. For divisions and colleges, your folder structure should mirror your organizational structure. For committees, use your committee's name.听
• Sharing folders听鈥� When听sharing a folder, share the highest-level folder accessed by that user; this will help reduce the number of folders in a user's account.听

To access an accessible version of my吉祥坊box:

1. Go to听
2. Enter your听吉祥坊 Email Address听and听Password, and then select the听Log In听button. 听
3. A 吉祥坊 log in page displays. Enter your 吉祥坊听User ID听and听Password, and then select the听Login听button.听
4. The accessible version of my吉祥坊Box displays.

For more information on A.Box.Com, visit the听听page.听

my吉祥坊box users can now听听by using Office Online.听Edit a file at the same time as colleagues and external partners and see all changes being made as they happen. Whether it's a project plan in Word, sales proposal in PowerPoint or financial plan in Excel, you can edit it in real-time with others, in Box. All edits automatically save, avoiding version conflict - plus, you can pull up a previous version to reference old content whenever needed.

To see how it works, check out听.

View the听听document to learn about add-ons for your desktop, laptop and apps for your mobile devices; these will will help you get the most out of your my吉祥坊box听account.听

To learn how the CSU classifies confidential data, visit 吉祥坊's听Protected Data听page.

听

听and听LinkedIn Learning听offer an extensive library of resources for all users. We have compiled some of the most popular resources on the left-hand side of this page under听Quick Guides听and听Must-See Videos.听

No. Creating, updating, or deleting a file on one Box account has no effect on the other.听

A my吉祥坊box File Request gives you a secure way to request and obtain files. my吉祥坊box uses an easy drag and group graphic interface, you create a web form that enables you to:

• Securely request files
• Gather information with听Metadata听which can be set as required/optional听
• Enables extra security and email validation with link settings听
• Kickoff work flows听

To view the steps on how to make your own Box file request please visit 吉祥坊's听Creating a my吉祥坊box File Request听webpage.听

听offers an extensive library of resources for all users. You can also contact the听IT Help Center.

To gain access to Confidential Box or if you have any questions, please open a听听or email the IT Help Center at听helpcenter@csun.edu.

If you have access to print Level 1 data, you can download the documents to a 吉祥坊 Level 1 workstation and print the documents.

Confidential Box has been restricted to on campus or VPN. If you are off campus you will need to log into VPN.

No, Confidential Box encrypts the documents for you.

No. Creating, updating, or deleting a file on one Box account has no effect on the other.听