Protect Data in the Cloud

This article applies to: Cloudification , Security & Policy

Use Cornell services for Cornell work, whenever possible. Find Cornell cloud services.

If Cornell doesn't provide a service that you need, follow these guidelines, at a minimum, to help protect university data.

Select a Trustworthy Consumer (Non-Cornell) Cloud Service

Never use your NetID password. Using your NetID password for any service that doesn't use Cornell's Shibboleth, CUWebLogin, or ADFS increases the risk of your password being compromised (everything you can access at Cornell would be at risk - personal information about yourself and others could be stolen, your email could be used to spam people, etc.).

Read the end user license agreement (EULA).

Set permissions to ensure privacy - Make sure data isn't publicly shared by default (very common). If you can't ensure data is kept private and secure, work with local technical support to find a better service.
Read and make sure you agree to privacy policies - Find out things like:
- How much will the service disclose about you?
- Who will it share your information with?
- What kinds of your information will it share (name, contact info, credit card numbers, etc.)?

Back up your data. If you are going to store data in a non-Cornell cloud service and you are unsure about the quality of the service provider's backup system, you should have your own backup.

Cloudification Articles

see all

Cloud Security Policy

Cloud Security Policy

Using Amazon Web Services (AWS) Under Cornell’s Master Contract Cornell IT has entered into an Enterprise Agreement with Amazon to provide public cloud services to the Cornell community. The...

Cloud Services Tips and Best Practices

Use the same good judgment you exercise when using any service, regardless of whether it is a campus-developed or a cloud service. In particular, practice good data management strategies by...

Protect Data in the Cloud

Use Cornell services for Cornell work, whenever possible. Find Cornell cloud services. If Cornell doesn't provide a service that you need, follow these guidelines, at a minimum, to...

Security & Policy Articles

see all

Protect University Data

Certified Desktop Privacy Policy

This service is currently in pilot mode and the information on this page is subject to revision.

Consequences of Mishandling Sensitive Data

When sensitive data isn't managed appropriately, it poses many risks to Cornell. By law, possible loss to certain types of data requires Cornell to report to government agencies and notify...

Export-Controlled Information

Sending or otherwise making available, export-controlled information to a foreign national, either in or outside of the United States territory is an export. Similarly, storing export-...

Information Security Policy Overview (Policy 5.10)

The IT Security Office, in conjunction with the IT Security Council, has developed requirements for securing university systems and data. These requirements are mandated in Policy 5.10,...

IT Security Liaisons

IT Security Liaisons are charged with ensuring appropriate measures are taken in response to a security incident. If your department doesn't have a Security Liaison, please contact your department...

Protect Data in the Cloud

Use Cornell services for Cornell work, whenever possible. Find Cornell cloud services. If Cornell doesn't provide a service that you need, follow these guidelines, at a minimum, to...

Protect Evidence of a Possible Data Compromise

If you haven't already reported the incident, do so now. Work with technical support to contain the system (as outlined below) while you gather and provide incident details to the IT Security...

Report Security Incidents (Compromised Data, Virus, etc.)

Report incidents immediately. Send an email to itsecurity@cornell.edu. If you require urgent assistance, please contact the IT Service Desk...

Responsibilities to Protect University Data (Policy 4.12)

You are responsible for Cornell data stored on computers you use. You are the custodian of that data. This is established in numerous Cornell policies. See Cornell's computer security and...

Store Confidential Data

Whenever possible, we recommend not storing confidential data on your computer. If you have a need to store confidential information on your computer temporarily, consult with your technical...

Why Some Websites are Blocked

Cornell University proactively blocks Internet sites that pose a security threat to the university or the Cornell community. Websites are deemed a security threat when they host...

Search Filters:

Knowledge Base Article

Quick Links and Search

How can we help?

Quick Login

Protect Data in the Cloud

Select a Trustworthy Consumer (Non-Cornell) Cloud Service

Cloudification Articles

Cloud Security Policy

Security & Policy Articles

Protect University Data

Guides

Was this page helpful?

Comments?

Support

Follow IT@Cornell...