Cloud Storage Security Guideline
This guideline applies to all users accessing systems and resources at Boise State University.
Employees using cloud storage to store University data MUST:
- Ensure that the University data is protected using appropriate data encryption as outlined in the System Security Encryption Guideline.
- Ensure that all University data has been permanently deleted from cloud storage once their need to store such data is no longer required.
- Immediately report to the Help Desk any incident or suspected incidents of unauthorized data access as it relates to their cloud storage provider.
The use of cloud based storage services MUST NOT:
- Introduce risk to the security, privacy, copyright and retention of Boise State data.
- Be utilized to store or share Level 1 (Private/Confidential) or Level 2 (Protected) data as defined by the Boise State Data Classification Standard.
The use of cloud based storage solutions to store Boise State University data in an insecure manner could lead to inadvertent disclosure, lost and/or stolen data. Such a breach could result in damage to critical applications, financial loss, and damage to the University’s public image. Therefore, all users employing cloud based storage solutions to store Boise State University data of any type, must adhere to University-defined policies, standards, plans and processes.
Individuals using computer systems owned by Boise State University do so subject to applicable laws and University policies. Boise State University disclaims any responsibility and/or warranties for information and materials residing on non-university systems or available over publicly accessible networks. Such materials do not necessarily reflect the attitudes, opinions, or values of the State of Idaho, Boise State University, its faculty, staff, or students.
Created: January 2016
Last Update: August 2022
Next Review: February 2023