information security: sanctioned use of google apps for education

III-1i Sanctioned Use of Google Apps for Education

Overview

Version 1.0
Last Revision Date: Feb 4, 2014
Approval Date: March 20, 2014
Approval Authority:  CWRU Chief Information Security Officer

Purpose

This policy establishes boundaries for sanctioned use of CWRU Google Apps for Education (Google Apps), including but not limited to email, calendar, contacts, online meetings (Hangouts), online file storage (Drive and Google Docs), self-service web sites (Sites), photos (Picasa), social media (Google+), etc.

Coordination with Other Policies and Procedures

The Sanctioned Use Policy for CWRU Google Apps is closely aligned with these policies:


Policy I-1 Acceptable Use Policy

Policy III-1, Information Tiers and Senstivity

Policy I-2 SSN Use Policy

Policy III-1f Tier III Controls: Information Security Requirements for Restricted Information

Cancellation

Not applicable.

Policy Statement

General

Case Western Reserve University has been engaged in the use of Google Apps for Education (Google Apps) since 2007. In the use of the various applications in the Google Apps suite, the following policy is defined to assist users in prudent decisions about how to use Google Apps, and similar cloud-based services available to the CWRU community. The application suite encompasses Google Apps utilities available to authorized CWRU users, through appropriate Single Sign On authentication.

Policy

  1. The CWRU-branded Google Apps suite of applications have been approved for use with Public and Internal Use categories of information, as described in CWRU ITS Policy III-1 Information Tiers and Sensitivity.
  2. The storage and transfer of Restricted information in Google Apps is strictly prohibited, unless the files are individually protected using encrypted means sufficient to prevent disclosure (strongly encrypted, complex-password-protected attachments, with no passwords included).

Responsibility

End Users will manage information under their stewardship in accordance with university policy.

Information Technology Services will manage risk of shared information in Google Apps through various audit and assessment activities.

Definitions

Standards Review Cycle

This standard will be reviewed every three years on the anniversary of the policy effective date, at a minimum. The standard may be reviewed on a more frequent basis depending on changes of risk exposure.

Frequently Asked Questions (FAQ) for Sanctioned Use of Google Apps

© 2013 Case Western Reserve University
Cleveland, OH 44106
216.368.2000
 
Information Technology Services
(legal notice)
 
Contact website owner
 
Contact our service desk
CWRU ITS Social Networks
Translate this page

Share |