- The purpose of the Secure File Storage service is to protect Moderate and High Risk Data that is stored on central storage by Stanford University faculty and staff from their desktop or laptop computers. See the Risk Classifications page for Stanford's data classification guidelines.
- The Secure File Storage service provides the University with an audit of access to the Secure File Storage central storage by participating computers. This audit is a key benefit for the University to determine what actions, if any, to take if computers with Moderate or High Risk Data are lost or stolen. All who use the Secure File Storage service agree to the audit of their usage and compliance to the policy agreement.
- In the event of loss or theft of a computer with High Risk Data, Stanford policy (see Administrative Guide Memo 6.6.1) requires notification of the Information Security Office (ISO). ISO in turn will use the log to determine if a lost or stolen computer is a "reportable" event, possibly requiring notification of persons whose data may have been lost or stolen.
How secure file storage works
- Data is encrypted while being copied from the desktop or laptop computer via VPN or SUNAC technologies. The Data is stored in the clear, at rest, in a qualified central storage service. The file storage is based on the SUNet ID of the faculty or staff member. Data at rest on the desktop or laptop computer is protected by Stanford Whole Disk Encryption.
- Group accounts are available. Groups are administered by a departmental administrator via Workgroup Manager. All individual members of the group must have a SUNet ID. Additions and deletion from the group are the responsibility of the local department. The name of the Stanford Workgroup must be provided to University IT at the time of the order. The workgroup must be located within the workgroup stem, safe-files.
Required software and automatic check-ins
- Stanford Whole Disk Encryption (SWDE) must be installed on all computers using Secure File Storage. University IT will compare the logs of the Secure File Storage usage with the logs of SWDE computers and report those findings to the Information Security Office (ISO).
- BigFix must be installed on all computers participating in the Secure File Storage service.
- Stanford Anti-Malware must be installed on all computers participating in the Secure File Storage service.