|One Step Ahead
March 12, 2013,
Volume 59, No. 24
Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.
Why use Penn+Box when Storing Data in the Cloud
If you are planning to store documents and/or collaborate on documents using a cloud service, seriously consider using Penn+Box.
Many other cloud services are accessed by a “click through” (“I agree”) function, and often do not include protections that you may need. Penn has negotiated an agreement for Box services that contains strong privacy, security, availability, compliance and other important terms.
In addition to contractual protections, Box contains several features that, when used properly, can help protect the privacy of confidential data.
First, Box can be configured to avoid the proliferation of data on the devices of colleagues you share with. Box does this by allowing you to limit the privileges of your “collaborators” (those you share documents with) to “View” only (i.e., eliminating the technical possibility of downloading to local devices and sharing with others).
Second, you may know that Box offers the ability to “sync” folders with devices you choose, so that the same documents can reside on your desktop, laptop, tablet and smartphone for example. However, by default, Box does not sync your folders and instead relies on you to exercise the “sync” option. By not syncing folders with more sensitive information, you can avoid some of the device-specific security risks to that information.
Be aware that only certain types of data are approved for storage on Box. Visit Penn+Box at http://www.upenn.edu/computing/box for more information. Check out other important topics such as Getting Started, How to Work with Collaborators, Access from Mobile Devices and more.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/