CIO'S MESSAGE - October 30, 2019

Preventing Accidental Exposure of Sensitive Information via Campus Email

Dear Colleagues,

Most data breaches happen due to an end user’s unintended disclosure of confidential information sent via email or email attachment. To prevent this type of accidental data disclosure, we are implementing a data loss prevention tool in our campus email system.

The data loss prevention tool will be implemented on November 18. After its implementation, when an email user composes an email message or attaches a document to the email that contains social security number, credit card number or passport number (USA/UK passports) and that email is intended to be sent to an email address outside the campus email system, an automated message will display to warn the email user that the email or its attachment “may contain sensitive information." The data loss prevention tool will not stop the email or the attachment from being sent, but will ask the sender to confirm the action of sending the email.

The detection of the sensitive information in the email or email attachment is conducted automatically by the data loss prevention tool, and is consistent with the CSU's Responsible Use Policy. Implementation of this program does not involve humans screening emails. The data loss prevention tool is intended to help reduce the risk of disclosing accidental sensitive data by email.

If you have questions regarding this new email data loss prevention tool, please contact our technology helpdesk at

Aysu Spruill
Information Security Officer

Min Yao, Ph.D.
Vice President and Chief Information Officer