Bryant University staff, faculty, and students working with University data must comply with University data protection policies and guidelines when using storage and collaboration services, both commercial cloud storage services, and services provided in-house by the Information Services division. The following storage requirements have been established to protect University data.
Information Services has established security classifications for Bryant data and guidelines for proper handling across the various storage options available to users. Data will fall into one of three categories - Confidential, Private or Public.
- Confidential data includes FERPA, GLBA, PCI, Personally Identifiable Information (PII) and any data deemed University Protected by decision of a Data Steward.
- Private data is any institutional data not explicitly classified as Confidential or Public.
- Public data is any data deemed Protected by decision of the Data Owner or Data Steward.
|Network Drives (e.g. Home Directory)|
|Department File Shares|
|Local Drives (e.g. Desktop C: Drive)|
|Office 365 OneDrive|
|Cloud Storage (Dropbox, Box, etc.)|
|Secure Storage Options|
Description: Data Storage Options
- Home Directory is the University’s network-based file storage and sharing system.
- Department File Shares is the University’s network-based file storage and sharing system.
- Local C: Drive is a University owned computer (desktop, laptop).
- Google Drive is the service the University has entered into agreement with to provide university-wide storage. Check with Information Services to find out more about the service provider agreement.
- Office 365 OneDrive is the University’s cloud-based file storage and sharing platform.
- Commercial Cloud Storage Services without an agreement with the University, including Dropbox, Box, Amazon Cloud, or other commercial data services, are not appropriate for storing most University data.
- Secure Storage Options: Your department may have chosen a secure storage solution for the sharing of sensitive data. Check with your supervisor or department head for more information. For additional technical instructions on how to securely share data with internal or external resources, please contact the Helpdesk.
About Data Classifications
University data classifications are outlined in Data Classification Guidelines. If you are not sure how to classify a piece of data, check with your supervisor or department head. As a rule, err on the side of caution and assume University data is confidential. This means choosing a secure storage option and declining to share it with others.
- Data with multiple classifications must be treated according to the highest level of restriction.
- The following requirements only apply to the storage of University data. If a storage option is approved for a certain type of data, it does not imply that data may be shared, distributed, or disclosed using that service.
- To protect University data, be sure to change your account password regularly and follow all University policies and guidelines applicable to the appropriate use of University resources.
Cloud Storage: Understand the Risk
Cloud storage offers many advantages over traditional data storage. It’s flexible and allows access from anywhere and can expand as needs for storage grow. It allows file-syncing across multiple platforms, enhanced information sharing and expanded collaboration.
However, as with any technology which stores or transmits data, there comes a risk, and cloud storage is no exception. Data residing on cloud storage should be thoughtfully selected, approved by the data owner, and implemented to ensure that the associated risks are managed appropriately. Bryant’s Information Services will partner to evaluate the particular data types selected for cloud storage and the risks associated in order to eliminate unnecessary exposure.