Cloud Services Policy | Technology Services

Note: Division of Finance and Operations users will not store or transmit Texas A&M University data deemed confidential, mission critical, or sensitive via non-University-contracted cloud-based services.

Definitions

Cloud computing: Cloud computing is the delivery of computing services such as shared resources, software, data storage, and data transmission, over a network (often the internet) to computers and mobile devices. Examples include: iCloud, Evernote, Dropbox, or Microsoft's SkyDrive.

Responsibilities

While cloud computing can offer some conveniences, there are limitations one must recognize when using a non-Texas A&M-contracted cloud-based service:

Security: Texas A&M has no control over how a third party stores and protects your data.
Privacy: Texas A&M cannot guarantee with whom your data is shared.
Integrity: Texas A&M does not have the ability to recover lost data.

Data Classification Terms (based on TAMU SAP 29.01.03.M1.29)

Confidential: Information that must be protected from unauthorized disclosure or public release based on state or federal law (e.g. the Texas Public Information Act and other constitutional, statutory, judicial, and legal agreements). Examples of "Confidential" data may include but are not limited to:

Personally Identifiable Information, such as a name in combination with Social Security number (SSN) and/or financial account numbers
Student Education Records
Intellectual Property as set forth in section 51.914 of the Texas Education Code
Medical Records

Mission Critical: Information that is defined by the University or information resource owner to be essential to the continued performance of the mission of the University or department. Unavailability of such information would result in more than an inconvenience. An event causing the unavailability of mission critical information would result in consequences such as significant financial loss, institutional embarrassment, failure to comply with regulations or legal obligations, or closure of the University or department.

Sensitive: An optional TAMU or owner-defined category. Sensitive data that may be subject to disclosure or release under the Texas Public Information Act, but requires additional levels of protection. Examples of sensitive data may include but are not limited to the following:

Operational information
Personnel records
Information security procedures
Research
Internal communications