Types of institutional data appropriate for Microsoft 365 at IU and Google at IU
In accordance with laws and university policies that protect the privacy and security of institutional data, applications provided by the Microsoft 365 at IU and Google at IU services are appropriate for work with institutional data as follows:
- For personal files (or files that coworkers would not need if you left the university), UITS recommends using Microsoft OneDrive at IU or Google at IU My Drive.
- For work involving Public data or University-Internal data, UITS strongly recommends using Microsoft Teams at IU.
- For work involving Restricted data or Critical data, you must use Microsoft at IU Secure Storage or Google at IU Secure Storage (only available as a paid option for departments).
Important:
- Shared storage in Google is available only as an option for departments that wish to pay for continued storage in Google.
- Due to limits to IU's storage footprint in the Google platform, all individual Google My Drives now have a 5 GB quota.
Note:Each secure storage site must delineate the types of sensitive data used; users must take appropriate compliance training(s). To request secure storage for use with Microsoft 365, submit the Institutional storage request form.
Microsoft 365 and Google at IU applications are not appropriate for the following types of sensitive institutional data:
- Credit card or Payment Card Industry (PCI) data
- Information regulated by Export Control Laws, such as certain types of research or information about restricted items, technology, or software (see Office of Research Compliance: Export Control)
- Controlled Unclassified Information (CUI)
- Advancement data such as donor gift agreements, donor wealth information, and detailed donor giving information are not approved for these environments.
Official classifications for institutional data at IU are defined in Management of Institutional Data (DM-01). If you have questions about the classifications of institutional data at IU, see Classification levels of institutional data, use the Data Sharing and Handling (DSH) tool, or contact the appropriate Data Stewards. To determine the most sensitive classification of institutional data you can store on any given UITS service, see Choose an appropriate storage solution.
For information about working with sensitive institutional data at IU, see:
- Critical Data Guide
- About dedicated file storage services and IT services with storage components appropriate for sensitive institutional data, including research data containing protected health information
For more about health information, see:
This is document bger in the Knowledge Base.
Last modified on 2023-06-01 13:09:28.