tidBiTS
Informs and engages the UNB community on IT developments and news

Management Briefing - Advances in cloud services and information security at UNB

Author: ITS

Posted on Jul 7, 2015

Category: Management Briefings

Microsoft recently announced it is building two state‐of‐the‐art data centers in Canada to host cloud services, including Office365, the company’s premier collaboration and productivity platform. UNB has long leveraged Office365; for example, our student email, calendaring, etc. have been hosted in the Microsoft cloud, at no cost, since 2011. Necessarily, Office365 has been physically housed in data centers in the US. Now that Microsoft will be operating cloud facilities here, UNB can contemplate wider deployment of free Office365 services—among other things, users of Office365 will have access to much larger storage space than UNB can hope to offer. We currently support tools like Microsoft’s cloud‐based Skype for Business that target collaboration and communication needs, and the Office suite of productivity applications—Work, Excel, PowerPoint, etc.—is available free of charge to all UNB students, faculty, and staff. This is a unique offering in the cloud world because the applications can be downloaded directly to up to 5 devices (desktop, laptop, tablet, etc.) with licenses, upgrades, and so on managed by Microsoft.

Microsoft is a trusted and reliable cloud service provider; in the Fall term, ITS will begin deploying Office365 to faculty and staff on an opt‐in basis, giving users the choice to take advantage of a huge (50GB) email quota, and unlimited data storage capacity, fully integrated with Skype for Business including its chat, video, audio, and screen sharing features. For the first time, faculty and staff will have comprehensive, cloud‐based, easy‐to‐use tools designed to facilitate interaction with each other, students, and community members, anywhere, anytime. ITS will also be organizing town halls on both campuses to inform the community about these new services, and to provide a forum for discussion and feedback.

Many UNB faculty and staff members already use free or low‐cost cloud services, some without even being aware they are doing it. Consumer services like Gmail, GoogleDocs, Facebook, LinkedIn, DropBox—and many, many others—are housed and maintained in the cloud—usually outside of Canada—and are subject to the laws and policies of their host countries. Some current UNB enterprise services are also cloud‐based; for example, Brightspace, the learning management system from Desire2Learn, is hosted on servers in privately‐owned data centers located in Ontario. Offerings like Office365 can be extended to faculty and staff because they need no longer worry that their private information is being stored outside the country; risk of confidential data leaving our control is lower than ever.

Regardless of where cloud services are physically located however, ITS has adopted and enforces rigorous standards of privacy and security that all such services must comply with before they are permitted to be used by the UNB community. While information security and privacy are ultimately the responsibility of all UNB community members, ITS ensures appropriate protection is in place at all times. We expect to be
consulted whenever a cloud service or application is being evaluated—we offer a broad perspective on the utility and risks of specific tools and services, and provide practical guidance and even specific contract language around privacy and security of data. Any proposed integrations of cloud services with existing IT software and services must be cleared with ITS before contracts are signed.

To help ensure compliance, and to assist users in managing different types of data, an Information Security policy is being drafted to specify what data can be stored in the cloud, how to ensure it remains private and secure, and what to do in the case of data breach or loss. The Information Security policy is not just aimed at cloud services however; UNB has data assets right here on our campuses that must be managed and protected as well. The new policy will be available later this year.

Terry Nikkel, AVP, ITS, July 7, 2015