Are files and data safe using BuckeyeBox?
Meta: BuckeyeBox, Buckeye Box, Box, sharing, share, security, data protection
Box adheres to the highest industry standards for security at every level and commits extensive resources to the design, implementation, monitoring, and maintenance of its security infrastructure, including:
- Data encryption
- Administrative auditing
- Role-based access controls
- Password and time-based file sharing
For more, see Box's Security Leadership In The Cloud.
Users should remember that data stored anywhere has some degree of vulnerablilty to breach. Individuals who use BuckeyeBox accounts for university work are responsible for ensuring that sensitive information is not placed or stored in unapproved or inappropriate locations.
It is not acceptable for any institutional data classified as "restricted" (e.g., birthdate, ethnicity, SSN or driver's license number, credit card numbers, etc.) with the exception of FERPA. Use caution when syncing BuckeyeBox with personally-owned devices. Laws and regulations prohibit FERPA information from being stored on personal devices. If you work with FERPA data on a regular basis, you are advised NOT to sync BuckeyeBox with personally-owned devices.
In addition, Protected Health Information (PHI) should never be stored on BuckeyeBox.
The service is appropriate for personal files and information classified as public (See Data Classifications). You shouldn't use your BuckeyeBox account to collect, process, or store data covered by laws that protect privacy or require security measures.
What types of data are appropriate for my BuckeyeBox account?
Best Practices for Sharing Files
Automatic removal of non-OSU collaborators on BuckeyeBox