Skip to content Skip to site navigation

Code42 CrashPlan Backup Responsibility Matrix

The Responsibility Matrix indicates whether University IT or the client is ultimately responsible for performing the listed task. In instances where there are check marks (✓) in both columns, both the client and University IT must coordinate their efforts to ensure the successful completion of the task. It is not the intent of any Responsibility Matrix to absolutely define every process, function or task performed as a contracted function.

SERVICE NAME Client University IT
HANDLING PROTECTED HEALTH INFORMATION (PHI)    

Identify users with PHI

 
Notify University IT when users with PHI are enrolled in the service, using Stanford Services  
Disable web-based restore capability for users with PHI, allowing restores only via the desktop client  
SOFTWARE DISTRIBUTION, INSTALLATION and CONFIGURATION    
Make default, system-specific client installers available online  
Create organization-specific client installers  
Install client software  
Post and maintain documentation indicating include/excludes for default configurations  
ACCOUNT MANAGEMENT, BILLING    
Identify a single individual to act as a "Client Contact" for technical and billing communications  
Be responsible for the distribution and usage of a client's unique Organizational Serial Code  
Immediately deactivate user accounts and delete all user archives when users or devices become ineligible for the service.  
Notify University IT if unauthorized user accounts are identified and corrective administrative action is needed, using Stanford Services  
Review monthly billing reports and immediately report discrepancies, using Stanford Services  
Review the number of client licenses used by each Organization Serial Code and make quarterly billing adjustments  
SUPPORT and INCIDENT MANAGEMENT    
Alert the campus community to sustained, unscheduled interruptions using the University Alerts system  
Administer and troubleshoot the Code42 CrashPlan server  
Troubleshoot client software  
Push out updated client software (done by Code42)    
Restore individual user data  
Perform individual test restores  
Send automatically-generated emails alerting users to missed backups  
Monitor individual user backups  
Monitor system-wide backup performance  
PRIVACY and SECURITY    
Enforce encryption of backup data, authentication mechanisms and proper handling of user archives  
Collect identifying client information, including IP address and location, authenticating activity (SUNet IDs), specific restore and backup actions  
Perform log analysis to identify suspicious activity  
Conform to the responsibilities for handling electronic data as found in the Stanford Administrative Guide, Section 6
Last modified June 19, 2020