Dealing with Cloud Services

Is my data safe in cloud services?

Cloud services such as Dropbox, iCloud and OneDrive are well known and are often used for private purposes. Using them for work-related or research data has a high appeal due to the known convenience. Nevertheless, these services should only be used to a very limited extent because, among other things, data protection aspects must be taken into account when storing files. In addition, cloud services can also fall victim to cyber attacks. The security measures used are hardly verifiable in advance, which means your stored data can be lost in the event of a successful cyber attack. The University of Münster recommends storing official data exclusively on file servers of the university and not to use cloud services for this purpose. For more information on the secure storage of data, see tips for storing information.

  • Data transfer to the Cloud through Applications

    Data is not only transferred to a cloud through your own data storage. Some applications or services automatically back up your data and information to the provider cloud. This function is offered as an automatic backup and the data is often synchronized without you noticing or being able to change it. 

    Your data is transferred to the respective provider when it is transferred to the cloud and the confidentiality of the data can no longer be guaranteed. In the case of work-related or personal data, this type of data transfer must be approved by the Data Protection Office and the Information Security Office before activation.

    Data backup in the provider cloud can also be added as a new function as part of a software update to the previously used application. You should therefore check which new functions are associated with a new application version before accepting and installing it. Also when handling private data, you should always consider whether you agree to such a data transfer and, if in doubt, check the terms and conditions for such a data backup.
    Information on transferring data to a cloud via the e-mail program can be found here.

  • For which purposes should I use Sciebo and for which not?

    Sciebo is intended as a collaboration and synchronization tool and is therefore very well suited for the simple and secure exchange of data or the joint editing of documents, even with external persons. However, the service is not suitable for securing confidential, work-related or research-related data. Sciebo is only suitable as a primary storage location to a limited extent, as the recovery of accidentally deleted files can only be guaranteed for seven days. Internally, the network drives provided should be used, especially for storing sensitive data. 

  • Cloud Policy

    The IV Security Team has developed a policy for the use of cloud services, which has been approved by the rectorate. This policy is intended to provide guidance for deciding whether cloud services should be used and, if so, how they should be used: Cloud Policy.