Norwegian version of this page

Data storage guide

This guide tells you where you can store and process information. Click on the headings below to read more about about the different kinds of storage.

Please also see the classification guide for information about the different information categories. 

NB! The numbers in the table refers to notes. The notes corresponding to the numbers is in the bottom of this article.

Storing on a Mac, PC or hard drive

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
Privately owned laptop (BYOD) Yes 11 No No
Privately owned home computer Yes 11 No No
UiO owned home computer Yes 11 No No
Desktop maintained by UIO
(local hard drive)
4 4 4 No
Laptop maintained by UiO – not encrypted
(soon to be phased out)
8 8 No No
Laptop maintained by UiO – encrypted Yes Yes 1, 3 No
Memory stick / external hard drive Yes No No No
Memory stick / external hard drive – encrypted Yes Yes  1, 3 No

E-mail

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
Private e-mail 
(Gmail, Hotmail etc.)
Yes No No No
UiO e-mail Yes Yes 2, 3 No

Storage services

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
Personal cloud service
(Dropbox, Google Drive etc.)
Yes No No No
UiO Home directory («M:-drive») Yes 9 No No
UIO shared storage for your unit or research group Yes Yes 6 No
UiO Dropbox Yes Yes No No
UiO Google Suite for Education Yes Yes No No
UiO OneDrive (Office 365) Yes Yes No No
UiO TSD Yes Yes Yes Yes
UiO "Storage hotel" Yes Yes  6 No
UiO personal researcher storage Yes Yes 6 No
UH-IaaS Yes Yes No No

Administrative services

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
UiO ePhorte Yes Yes Yes No
UiO HR portal (SAP) Yes Yes Yes No

Content management systems (CMS)

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
Vortex Yes Yes 6 No
UiO Wiki Yes Yes No No

Other services

  Open 
(green)
Restricted
(yellow)
In confidence
(red)
Strictly in confidence
(black)
UiO Nettskjema Yes Yes 5 5
UiO Reqeuest Tracker (RT) Yes Yes 10 No
UiO Canvas Yes Yes No No
UiO CIM Yes Yes Yes No
UiO Instant Messaging
(XMPP - chat.uio.no)
Yes 7 7 No

Notes

  1. Red data can be stored on a laptop with a fully encrypted disk, an encrypted memory stick or an encrypted external hard drive. The encrypytion must, at all times, meet the demands given in LSIS.
  2. E-mails with red data can be sent internally at UiO between UiO users. If e-mails with red data is to be sent to external recipients, the content has to be encrypted before sending it. See LSIS for the applicable requirements. These kinds of e-mails must NOT be synchronized with a private laptop or mobile phone.
  3. Make sure that red data can not be downloaded or collected to the home disk, laptops without an encrypted disk or other storage that cannot store red data.
  4. In general, it is not recommended to store data or documents on the local drive of your computer or workstation.
  5. Nettskjema supports gathering information for immediate transfer into TSD. TSD is approved for storing red as well as black data.
  6. Red data may be stored in Vortex, on your shared research network drive or in the UiO Storage Hotel, if you make an individual risk assessment of the data and its content.
  7. Yellow and red data may be processed in UiO XMPP if the chatroom has access control.
  8. This category is expiring soon. From Q3 in 2018, all laptops maintained by UiO will have fully encrypted hard drives.
  9. Information meant for sharing with your colleagues should be placed in a shared network drive, not in your home directory.
  10. Red data may be kept and handled in Request Tracker (RT) if you make an individual assessment of the risks. Care must be taken to ensure that red data is not put in open queues. Routines must be in place to ensure that red data is deleted.
  11. As a rule, yellow data is not allowed on your private laptops or computers. However, some limited use is accepted if you comply with the guidelines for using private computers.

Approved by the IT director 28. august 2018.

Tags: klassifisering, lagring av data
Published Oct. 16, 2018 2:53 PM - Last modified Sep. 17, 2019 3:14 PM