Cardinal Key is required in order to store High Risk Data (including PHI) in Stanford’s Google Drive environment. Cardinal Key ensures that devices used to access these data meet the university’s cybersecurity requirements. To begin using Google Drive with High Risk Data, follow the steps below:
- Set up Cardinal Key on each of your devices:
- Prepare a separate workgroup for Cardinal Key enforcement:
- Create a new workgroup via https://workgroup.stanford.edu → Create a New Workgroup.
- Enable Google Group integration: Select your new workgroup → Workgroup Integration → click Link in the Google Group row.
- The integration does not take effect immediately. Check back on this page for confirmation of when the integration has been established.
- Add members to the workgroup who will be accessing the High Risk Data.
- Notify the members that they will need to use Cardinal Key for access to Stanford’s Google services.
- Notify ISO of your new workgroup via a Help request so it can be enabled for Cardinal Key enforcement. Await confirmation before proceeding to Step 4.
- Prepare a dedicated shared drive specifically for storing the High Risk Data in Google.
- Create the shared drive in Google: https://drive.google.com → Shared drives → New.
- Restrict access to the share drive: Select the drive → Shared drive settings:
- Uncheck “People outside Stanford University can be added to files.”
- Uncheck “People who aren't shared drive members can be added to files.”
- Grant the workgroup access to your shared drive: select the drive → Manage members.
Once the steps above have been completed, you can adjust access at any time by adding/removing members to/from your workgroup.
Please submit a Help request if you have any questions. You can also use the #iso-cardinalkey Slack channel to reach the support team.