Topics Map > Security
Topics Map > Microsoft 365 > SharePoint
Topics Map > Microsoft 365 > Teams
Topics Map > Storage > SharePoint
M365 (How To) Request a SharePoint Team Site to store High Risk Data
Faculty, staff, and students who need to store moderate or high risk data in the SharePoint environment should complete the High Risk Data Storage Request form and Information Security Office staff will provide a brief consultation to recommend an appropriate storage solution.
All UWM Microsoft 365 users have the ability to create a SharePoint site via self-service by creating a Microsoft Team (since all Teams include a Team site) or from the SharePoint landing page page. Users also have the ability to apply sensitivity labels to secure Team sites that store moderate risk and high risk data as defined by UW System Administrative Procedure 1031.A.
Sensitivity labels allow Team, Group. and SharePoint site owners to protect and regulate access to sensitive organizational content. Sensitivity labels can be applied to Teams, Groups, and SharePoint sites upon creation or at any time by owners.
High and moderate risk data includes, but is not limited to:
- HIPAA, PHI (Protected Health Information)
- PCI DSS
- FERPA data
- Financial account numbers (including credit or debit card numbers, bank account numbers)
- Personally identifiable data (PII (e.g., Social Security numbers, driver's license numbers))
- Intellectual Property
Team sites that contain moderate or high risk data types, as outlined under UWSA 1031.A, should, at minimum, have the sensitive label applied. Sites containing high risk data, which is not intended to be shared outside of your team or organization should be labeled with the Restricted label, which will prevent any form of external sharing.
Additional information regarding labeling Teams, Groups, and SharePoint sites is available in our KB.