Cloud Storage and Confidential Materials Policy
Scope:
This policy covers use of Cloud Storage and specifically Google Drive for the storage of files that may be considered confidential. Cloud storage refers to dedicated file storage locations hosted by a third-party and off-site. This does not include the storage of files within a larger third-party software system, such as a Software-as-a-Service (SaaS) solution.
Privacy and Google Suite for Education
Our contract with Google states that we will always own our data, they will not share that data with other parties, and that they will not datamine our information. However, this does not mean that all data is appropriate for storage or transmission via Google Suite services.
Google Drive
Google Drive is the cloud storage solution provided by Google Suite for Education, Muhlenberg College’s Communication & Collaboration platform. It is a core part of G Suite, and therefore is available to all users. Drive is available via a browser interface or can be installed as a local folder and synchronized with copies in the cloud using a software application. Drive is the official cloud storage solution provided by Muhlenberg College. G Suite for Education can be used in compliance with the Family Educational Rights and Privacy Act (FERPA). For details on FERPA, reference the information provided by the Registrar's Office.
Other Cloud Storage
A number of other products such as Dropbox and Box are available to users for cloud storage. All Muhlenberg College users should make use of Google Drive for College work product.
College Local Storage
Muhlenberg College provides secure on-site storage via Windows and Macintosh “network drives.” These are storage options located on College servers and are backed-up using College systems using encryption tools. These locations appear as local drives once authenticated into our Novell network environment.
For Microsoft Windows users, these file shares are the Shared drive for a department, mapped as the “k:” drive and a user’s personal home drive, mapped as the “h:” drive.
For Apple Macintosh users, these are called Shared and Home.
What Should Not Be Stored in the Cloud
In general, any documents that contain:
- Health Insurance Portability Accountability Act (HIPAA) Protected Health Information (PHI)
- Personal Identifying Information (PII) (e.g. social security numbers)
- Financial information (e.g. payment/credit card information)
- Confidential college work product
- Intellectual property
Additionally, any document that has been password-protected should not be stored in the cloud.
