Many people are now making use of third-party Cloud Storage services such as Dropbox, SkyDrive, Google Docs and other similar services, offering convenient access to your data from a number of different devices.
If you are using, or considering using, one of these services, you must also consider whether you need to take steps to protect any data that you upload, by encrypting it before uploading. (In the terms of these services, uploading can mean putting it into the local directory used by the client application for synchronising changes. E.g. the Dropbox folder in your home folder).
Check whether any University data you intend to upload meets the definitions of medium or high risk data according to the Records Management policy on Personal and Sensitive Business Data.
You must protect any medium or high risk data which you upload to a third-party host, by use of encryption software, or risk the University being in breach of the Data Protection Act.
Some Cloud Storage providers may not allow the upload of pre-encrypted data to their service, therefore you should carefully check the terms of service, and only use those services which allow this functionality, for storage of sensitive University data.
Alternatives include using encrypted USB drives for data transfer, or use of the UoE centrally provided network storage, and accessed via remote access facilities such as Windows Remote Desktop, or Apple Screen Sharing for remote working
This article was published on Apr 19, 2013