ARCHIVED: Enterprise storage services for IU units in support of the IT-28 policy

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Cyber Risk Mitigation Responsibilities (IT-28) applies to all units and organizations on any IU campus that make use of the university's information technology infrastructure. The policy calls for a formal review of plans every two years.

The goal of IT-28 is to ensure that the IU community minimizes, to the greatest extent practicable, the unnecessary creation of cyber risks, while also enabling the productive work of all units. This requires a balanced approach to (a) activities that create cyber risks, and (b) activities that can help mitigate them. Both enabling and mitigating are essential for the diverse IT services required for the university's research, education, and service mission. The policy creates a framework and procedures to formally review and document units' cyber risk mitigation approaches and responsibilities.

In addition to a variety of document, file, and data storage services, the university provides associated services for generating reports on relevant data, and for building workflows for workflow documents.

Note:
Individual IU students, faculty, and staff needing to store files that do not contain sensitive institutional data should see Options for storing files at IU IU researchers working with sensitive institutional data, particularly electronic health information (ePHI) regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), should see Your legal responsibilities for protecting data containing protected health information (PHI) when using UITS Research Technologies systems and services

This is document becm in the Knowledge Base.
Last modified on 2018-01-18 17:33:59.