Skip to Main Content
Lloyd Sealy Library
John Jay College of Criminal Justice

Research Data Management

Resources and tools for managing your research data. (For faculty and graduate students.)

Data security at John Jay

Data security at John Jay — adapted from DoIT:

  1. CUNY requires that you encrypt all confidential data. CUNY-CIS has a site license for MacAfee encryption software; contact the DoIT Helpdesk for installation and training. Another robust encryption program is PGP. 
  2. Store non-public university information on a secure server, rather than on end point devices such as desktop computers, laptops, or flash drives.
  3. Lock your computer every time you leave your desk. Set up a screen saver with preset time-out and password protection.
  4. Back up your data regularly and securely. 
  5. Be cautious when you print or copy sensitive non-public information — do not leave it in an open area, and shred it when not in use.
  6. Strictly follow CUNY security policies, procedures and advisories (security.cuny.edu). Report violations and issues immediately to DoIT,

For data involving private, identifiable information:

  1. Encyrpt all confidential information using MacAfee encryption software or another program, such as PGP. 
  2. Non-public university information such as social security numbers (SSNs), grades, etc. must not be sent in email text, email attachments, or left unencrypted on devices subject to theft or loss. 
  3. Reports produced containing full SSNs should be modified to include only the last four digits (except where required for regulatory compliance requirements).
  4. Reduce risk of public disclosure by:
    • Strictly controlling access to SSNs
    • Cleaning out old data
    • Storing data with SSNs on secure file servers
    • Using encryption where full SSN access is absolutely necessary

More information from DoIT about computer and data security »

Data security resources

What to do in a security breach

  1. Report it immediately to John Jay IT department (DoIT)
  2. Change all passwords immediately for network accesses and devices after they have been found
  3. For smartphones and PDAs, contact the service provider for help in wiping the data from the device. For college owned devices, contact DoIT.

From DoIT »

How to make a strong password

Passwords should be 8+ characters long and difficult to guess. Here's a useful method:

  1. Make an acronym of a phrase or song lyrics that are easy to remember. Acronyms are easy ways to avoid using dictionary words, which password crackers can guess easily.
    • We all live in a yellow submarine → waliays
  2. Capitalize at last one letter 
    • Waliays
  3. Include at least one number
    • Waliays4
  4. Include at least one symbol
    • Waliays4!

Don't reuse the same password everywhere. If you have trouble remembering, an easy mnemonic is to use the same password base for less critical services, and incorporate a few characters derived from the service. For example, for your Twitter password, Waliays4!w6 (w = Twitter, 6 = length of 'Twitter').

Don't share your logins with anyone. Don't include them in emails or any digital documents.

Still driven crazy by all the logins you have to remember? Try a password management service like LastPass or 1Password.