Policy Manual

GCshare, Central Data Storage Procedure

Background

Georgia College & State University (GCSU) realizes that information security is paramount in today’s world. At the same time, access to information has become a requirement in today’s workplace. The Division of Information Technology (IT) in coordination with the Office of the President has made available file storage for use in situations where faculty and staff must store sensitive information. The sensitive nature of that information mandates that procedures be in place for the acceptable use of the storage server.

Procedures

Space Allocation

A request must be made in writing to the IT detailing the intended use as well as the nature of the information. Once the request has been submitted to the IT, the Chief Information Officer (CIO) or designee will approve or deny the request based upon the information provided. A separate request must be submitted for each project so that an inventory of information can be updated in the event of loss or intrusion.

Acceptable Use

  • The GCShare storage space, once granted, shall be used solely for the purpose described in the initial request.
  • GCShare shall not be used to store personal information or documents unrelated to University business and the purposed described in the request.
  • Information stored on GCShare shall be deleted once the designated project has ended. Notification shall be made by the user to the CIO that the project has ended. At this time, the designated share and its associated space allocation shall be removed from GCShare.
  • Upon termination of employment at GCSU, the employee’s supervisor shall request written permission from the University’s Legal Counsel to transfer the use and registration of the storage space to the supervisor or designee. Upon receiving permission from Legal Counsel, documentation to that effect shall be submitted to the CIO for inclusion in the security file associated with the share.
  • Upon termination of employment at GCSU, the employee’s supervisor shall notify the CIO in writing, and access to the share shall be restricted until such time as registration of the share is transferred.
  • It is the intent in creating GCShare that use of this service will preclude the necessity to store sensitive information on client computers. Client computers are typically far less secure than GCShare in many respects. Storing sensitive information on client computers opens the possibility of not only remote access by unauthorized parties, but also loss of the information due to theft and a host of other issues as well. Users of GCShare shall not store sensitive information on client computers, removable media, or other digital devices. Similarly, hardcopy documents detailing sensitive information shall be stored in a secure and locked environment. Destruction of these documents shall be via shredder and preferably witnessed.
  • Documents, files, and data stored on GCShare shall be; to the best of the user’s knowledge, virus free.
  • All information stored on GCShare shall be obtained legally.
  • Access to information stored on GCShare shall not violate local, state, or federal regulations. Additionally access to information shall not violate this or any other GCSU policy or procedure.