Securely Share Data and Files

Table of contents


Access control

Access control is a means of selectively controlling access, use, and consumption of resources or information. Access control is accomplished via a combination of authentication and authorization mechanisms.


Encryption is used to protect data and files from unauthorized access by requiring a passphrase or digital key for decryption.

Data encrypted at rest does not necessarily mean the data will be encrypted in transit, and vice versa. Both practices must be employed together.

Logging and audit capabilities

While access control and encryption safeguard data, keeping track of user actions is a critical part of security. Appropriate monitoring and review of logs helps ensure that access control is working properly, and is usually a feature desired by data stewards.


UMD services and tools for secure data and file sharing

The following services and tools leverage access control, encryption and logging and provide different ways to safely share files and documents. Make sure to review the UMD Data Classification Standards in order to assist with your data storage decisions.

Secure Share is the preferred alternative to email attachments for exchanging documents containing sensitive data. The file will be stored temporarily on a secure server, and recipients will be notified via email that a file is being shared with them. They will be provided with the URL for the UMD Secure Share site where they can retrieve the files.

Google Drive is a cloud storage service that allows you to store, share, and collaborate on your files. Drive is also integrated with Google Workspace for Education apps such as Docs, Sheets, and Slides, enabling you to create, store, and share documents in a variety of file formats.

UMD Box is a cloud storage service that allows you to store, share, and collaborate on your files.

Networked Storage Service is an unstructured data and file storage service hosted on university-owned storage systems and maintained by the Division of Information Technology (DIT).

CUI Environment is designed and maintained to be NIST SP 800-171 compliant and is available for use by researchers handling and analyzing Controlled Unclassified Information. Non-CUI usage is considered on a case by case basis for researchers handling other types of Restricted data.

Microsoft Office: With some Office products, it's possible to protect documents with a password (the password encrypts the document). This is a quick way to add an extra layer of security, but there are at least two risks. If your password is not sufficiently strong, it can be guessed with a brute force attack. If you lose the password, you will lose access to the file permanently.


UMD services and tools for secure communication

The following services and tools allow for secure communication.


Third-party tools for keeping files and data secure (not supported by DIT)

The following tools have not been reviewed and/or do not necessarily meet UMD requirements for official use (i.e. security, FERPA, ADA)