Search Submit Search

Confidential Box is CSUN’s secure solution for storing Confidential Level 1 data.  
Confidential Box has the same features as myCSUNbox plus DUO multi-factor authentication. Multi-factor authentication (MFA), also known as dual-factor or two-step authentication, is the process in which a user accesses a computer system or software application using two forms of authentication to log in. 

If you are storing or planning to store confidential data in the cloud, you should use Confidential Box. You should not store unencrypted confidential data in your regular myCSUNbox account. Learn more about protected data here. 

Access Confidential Box via the button below and log in with your standard CSUN credentials.

Be sure you are logged out of myCSUNbox before you log into Confidential Box. When you’re logged in, you will see a “Confidential Box” logo on the upper left. To share files in Confidential Box, all users must be classified as confidential data users. Files shared in your Confidential Box can only be shared with other CSUN Confidential data users. Additionally, syncing is not permitted. Users should also be connected to the campus network or VPN when accessing Confidential Box.

CSU Data Classification (Descriptions and Examples) 

This page describes the three levels of data classification that the University has adopted regarding the level of security placed on the particular types of information assets.  The three levels described below are meant to be illustrative, and the list of examples of the types of data contained below is not exhaustive.  Please note that this classification standard is not intended to be used to determine eligibility of requests for information under the California Public Records Act or HEERA.  These requests should be analyzed by the appropriate legal counsel or administrator.

Level 1 – Confidential

Access, storage and transmissions of Level 1 Confidential information are subject to restrictions as described in CSU Asset Management Standards. Information may be classified as confidential based on criteria including but not limited to:

a)     Disclosure exemptions - Information maintained by the University that is exempt from disclosure under the provisions of the California Public Records Act or other applicable state or federal laws.

b)    Severe risk  - Information whose unauthorized use, access, disclosure, acquisition, modification, loss, or deletion could result in severe damage to the CSU, its students, employees, or customers. Financial loss, damage to the CSU’s reputation, and legal action could occur.

c)     Limited use - Information intended solely for use within the CSU and limited to those with a “business need-to know.”

d)    Legal Obligations - Information for which disclosure to persons outside of the University is governed by specific standards and controls designed to protect the information.

Examples of Level 1 – Confidential information include but are not limited to:

• Passwords or credentials that grant access to level 1 and level 2 data
• PINs (Personal Identification Numbers)
• Birth date combined with last four digits of SSN and name
• Credit card numbers with cardholder name
• Tax ID with name
• Driver’s license number, state identification card, and other forms of national or international identification (such as passports, visas, etc.) in combination with name
• Social Security number and name
• Health insurance information
• Medical records related to an individual
• Psychological Counseling records related to an individual
• Bank account or debit card information in combination with any required security code, access code, or password that would permit access to an individual's financial account
• Biometric information 
• Electronic or digitized signatures
• Private key (digital certificate)
• Law enforcement personnel records
• Criminal background check results

Level 2 – Internal

Access, storage and transmissions of Level 2 - Internal Use information are subject to restrictions as described in CSU Asset Management Standard.

Information may be classified as “internal use” based on criteria including but not limited to:

a)     Sensitivity - Information which must be protected due to proprietary, ethical, contractual or privacy considerations.

b)    Moderate risk - Information which may not be specifically protected by statute, regulations, or other legal obligations or mandates but for which unauthorized use, access, disclosure, acquisition, modification, loss, or deletion of could cause financial loss, damage to the CSU’s reputation, violate an individual’s privacy rights, or make legal action necessary.

Examples of Level 2 – Internal Use information include but are not limited to:

• Identity Validation Keys (name with)
  • Birth date (full: mm-dd-yy)
  • Birth date (partial: mm-dd only)
• Photo (taken for identification purposes)
• Student Information-Educational Records not defined as “directory” information, typically:
  • Grades
  • Courses taken
  • Schedule
  • Test Scores
  • Advising records
  • Educational services received
  • Disciplinary actions
  • Student photo
• Library circulation information.
• Trade secrets or intellectual property such as research activities
• Location of critical or protected assets
• Licensed software
• Vulnerability/security information related to a campus or system
• Campus attorney-client communications
• Employee Information
  • Employee net salary
  • Home address
  • Personal telephone numbers
  • Personal email address
  • Payment History
  • Employee evaluations
  • Pre-employment background investigations
  • Mother’s maiden name
  • Race and ethnicity
  • Parents’ and other family members’ names
  • Birthplace (City, State, Country) 
  • Gender
  • Marital Status
  • Physical description
  • Other

Level 3 – General

Information which may be designated by your campus as publicly available and/or intended to be provided to the public. 

Information at this level requires no specific protective measures but may be subject to appropriate review or disclosure procedures at the discretion of the campus in order to mitigate potential risks.

Disclosure of this information does not expose the CSU to financial loss or jeopardize the security of the CSU’s information assets. 

Box Drive, allows users to access all content in myCSUNbox, not just previously specified files. Users have the ability to make folders available even when offline, use the operating system File Explorer instead of the web interface, and easily search myCSUNbox content from your computer.

Box Drive is available to download and install on university-owned devices by following the instructions for PC and Mac below.

Must-See Videos

• Box Essential Training
• Intro to Box Storage

Quick Guides

• Box user guide
• How to Create a Box File Request | Step-by-Step Guide
• Co-Author with Office Online
• Adding Comments & Tasks
• Email Notifications
• Box University - User Videos
• Uploading to Box
• Search for a Topic

From a PC

1. In the Start menu "Type here to search" box, enter the words Software Center, and then select it when it displays. 
2. Select the Box Drive application option and follow the installation instructions.

From a Mac

1. Select the Apple Launch Pad button.
2. Select Self Service.

Select the Box Drive application option and follow the installation instructions.

For more tools and resources, visit the Software Solutions for Teaching and Interaction page.

If you have any questions or need assistance, please contact the IT Help Center.

View Reasons to use myCSUNbox

Sign in to https://mycsun.app.box.com/ with your CSUN user ID and password. Once you are logged in to your account, add collaborators and begin collaborating using a user's userID@csun.edu. If you don't know the user ID, search for the user within Box or request it from the user.

Individual Accounts 

If you are a CSUN student, faculty or staff, you are automatically issued an individual myCSUNbox account. Use your individual account to store and share files that belong to you. 

Group Accounts

Divisions, colleges, departments, and other groups such as committees can obtain a group account by contacting the IT Help Center. Use group accounts to store and share files that belong to the group. If you have been granted access to a group account, it will appear as a folder with the group's name when you log in to myCSUNbox. 

Best Practices for Group Accounts 

• Owning a group account and adding group members – Each group account should have at least two co-owners; they are responsible for adding group members and owners for any subfolders.
• Naming your group account and creating subfolders – The IT Help Center will use your division, college, department, or committee's name for your group account's name. For divisions and colleges, your folder structure should mirror your organizational structure. For committees, use your committee's name. 
• Sharing folders – When sharing a folder, share the highest-level folder accessed by that user; this will help reduce the number of folders in a user's account. 

To access an accessible version of myCSUNbox:

1. Go to a.box.com
2. Enter your CSUN Email Address and Password, and then select the Log In button.  
3. A CSUN log in page displays. Enter your CSUN User ID and Password, and then select the Login button. 
4. The accessible version of myCSUNBox displays.

For more information on A.Box.Com, visit the Using A.Box.Com for Accessibility page. 

myCSUNbox users can now collaborate in real-time by using Office Online. Edit a file at the same time as colleagues and external partners and see all changes being made as they happen. Whether it's a project plan in Word, sales proposal in PowerPoint or financial plan in Excel, you can edit it in real-time with others, in Box. All edits automatically save, avoiding version conflict - plus, you can pull up a previous version to reference old content whenever needed.

To see how it works, check out Box for Office Online with Real-Time Co-Authoring.

View the Box Add-Ons and Apps document to learn about add-ons for your desktop, laptop and apps for your mobile devices; these will will help you get the most out of your myCSUNbox account. 

To learn how the CSU classifies confidential data, visit CSUN's Protected Data page.

Data Types OK Not OK

Data classified as Level 1 Confidential (e.g. Social Security numbers and credit card numbers)		x
Data classified as Level 2 Internal (e.g. Birth dates, student information, employee information). Files storing Level 2 data should be encrypted. View a guide for encryption and password protection for documents (PDF).	x
Data classified as Level 3 General (e.g. Any file that does not contain confidential such as project documents, committee agendas and minutes, PowerPoint presentations, event flyers, etc.)	x

 

Box Help and LinkedIn Learning offer an extensive library of resources for all users. We have compiled some of the most popular resources on the left-hand side of this page under Quick Guides and Must-See Videos. 

No. Creating, updating, or deleting a file on one Box account has no effect on the other. 

A myCSUNbox File Request gives you a secure way to request and obtain files. myCSUNbox uses an easy drag and group graphic interface, you create a web form that enables you to:

• Securely request files
• Gather information with Metadata which can be set as required/optional 
• Enables extra security and email validation with link settings 
• Kickoff work flows 

To view the steps on how to make your own Box file request please visit CSUN's Creating a myCSUNbox File Request webpage. 

Box Help offers an extensive library of resources for all users. You can also contact the IT Help Center.

To gain access to Confidential Box or if you have any questions, please open a support ticket or email the IT Help Center at .

If you have access to print Level 1 data, you can download the documents to a CSUN Level 1 workstation and print the documents.

Confidential Box has been restricted to on campus or VPN. If you are off campus you will need to log into VPN.

No, Confidential Box encrypts the documents for you.

No. Creating, updating, or deleting a file on one Box account has no effect on the other. 

Invest in the Leaders of Tomorrow