Practice Responsible Data Management Using ECU’s Approved Online Storage
- Both OneDrive cloud storage and Piratedrive network storage are approved for sensitive data storage at ECU.
- ECU information should never be stored with any outside storage service (for example, Dropbox or Google Docs) without proper authorization. See the cloud computing page for more information.
OneDrive cloud storage is a feature of ECU’s Microsoft 365 subscription for enrolled students, full-time faculty and staff and alumni.
Piratedrive network storage provides compliance with state, federal and university regulations and policies using daily backups, encryption and password protection.
Not sure where your information should be stored?
- If you plan to store sensitive data in OneDrive, see this policy page from University Data Governance for guidance. This page also includes the data steward if you have questions or need an exception.
- Call the Data Steward for Research (252-328-4810) to determine whether research data, technical specifications or information falls under these categories.
- Cloud storage services outside the university do not meet required security standards (see below). The Cloud Computing and ECU Data page outlines best practices.
- Sensitive data can only be shared with appropriate ECU users. See the Data Governance policy page for guidance that includes data steward contacts for questions and exception requests. Contact the Office of Research Integrity and Compliance (252-328-9474) to determine whether your research data, technical specifications or information falls under these categories.
Other Cloud Storage Solutions
Other external storage of university data using services like Dropbox, Google Apps and iCloud must be reviewed by ITCS and approved by the data owner. Syncing between your ECU-managed computer and these services is blocked.
These services may not meet these university standards:
- user privacy
- security
- intellectual property protection
- records retention
With no contract or agreement between these outside service providers and ECU, information is now in someone else’s hands. Contact the IT Service Desk (252-328-9866) to request a consult before contracting with an outside cloud storage service.
Consider These Vulnerabilities:
- Click-to-agree terms and conditions enter you into a contractual agreement with that service provider. Per ECU regulation, Delegation of Authority to Sign Contracts, only those individuals with delegated authority can enter into a contractual agreement on behalf of the university.
- Once you agree to the terms and conditions of the agreement, you may no longer “own” your information.
- There could be security risks that compromise the confidentially, integrity and availability of your information or make it publicly available while placing the university at risk.
- Sensitive or confidential information (patient, student, credit card, Personally Identifiable Confidential Information) must NEVER be stored external to ECU without appropriate university approval and information security assessment. See the sensitive information storage page for approved storage options.
- The university has no control over what occurs with outside service providers; therefore the university cannot protect the privacy and security of your information.
- ECU information could be exported and housed outside the U.S. under foreign jurisdiction.
- You may not be informed if a subpoena or search warrant is served on the service provider to obtain additional information about you.
- There may be no legal recourse against the service provider in the event of security breach, loss of information or other problems.
- Companies change hands, go out of business and change privacy policies which may not be in your best interest.