St George’s, University of London policy regarding the use of cloud computing services such as iCloud, Dropbox, Microsoft (Azure, BPOS and SPLA), Amazon (AWS, S3 and EC2) and Google (Google Apps) can be found here: Cloud Computing policy (PDF).
While we do not actively restrict the use of commercial cloud services, we discourage their use due to concerns regarding the security of university data and data protection related issues.
The policy highlights that cloud computing services should not be used for processing data which is:
-
sensitive category data as defined by the General Data Protection Regulation (GDPR)
-
confidential to the university or a third party
-
of such criticality that functions or operations would be disrupted should it be unavailable or lost or become corrupted
-
valuable intellectual property of the university.
If you wish to use the cloud and any of your data falls into one or more of the above categories, please seek advice from the university’s Data Protection Officer or the Legal Advisor before subscribing to any such services.
Please remember that St George’s Office 365 portal, along with our VPN and iDrop* services, are provided for secure access to university emails and data, and these services should be used wherever possible to access university computer resources from off-campus.
*The iDrop service is available for transferring large files to colleagues at other institutions.