Information about services in the cloud
Services in the cloud, in other words services that are available via the Internet from any location and at any time, exist for almost every purpose. Even in their free offers, providers make considerable resources (e.g. storage space) available, and access is extremely easy.
When using them, in private as well as in the professional environment, you should always be clear about the provider's conditions and the risks involved. In addition to the Sync&Share Policy Universität Hamburg, on this page you will find information and practical examples for handling your data. You should use the services of the regional computing center, especially in the professional environment at the Universität Hamburg.
Cloud Services Glossary
Authentication
Authentication ensures that the identity of a user can be clearly proven. It is not to be confused with the login step itself, in which a user logs on to a computer system, e.g. with a user name and password. After this login, the check is carried out against an identity provider that holds the user's data. If the authentication succeeds, the computer systems receive the user's authorization data, such as name and access rights.
In most cases, authentication is based on the assumption that a person who has been identified once, e.g. through personal documents, will not pass on the login data (user name and password). With higher security requirements, additional features such as fingerprint, iris scan or SMS PIN can be stored to make unauthorized access more difficult.
Cloud Computing
Cloud computing describes the provision of IT infrastructure such as storage space, computing power or application software as a service via the Internet.
A definition of cloud computing:
Mell, P. and Grance, T. (2011). The NIST Definition of Cloud Computing. NIST – National Institute of Standards and Technology, Special Publication 800-145, DOI:10.6028/NIST.SP.800-145.
Encryption
Encryption of data and communication increases security, as it makes access to the data and communication significantly more difficult for people without a key. Depending on the encryption method used, the encryption can already be "cracked" by experts today or may be in the future; there is no absolute security here either.
It is important that the key is protected from unauthorized access and is stored securely. Encrypted data becomes a problem with long-term storage if information about the encryption and/or the key is lost.
Information from the Federal Office for Information Security:
Data protection in the cloud
According to a ruling by the European Court of Justice, data is only allowed to reach the USA to a limited extent, which is where over 90% of the cloud computing infrastructure is actually located.
If personal data of third parties is stored online, German users, for example, have to convince themselves in advance, and then regularly and verifiably on site, that the requirements of the Federal Data Protection Act are being adhered to; otherwise fines may be imposed.
Cloud operators based in the USA are subject to US law and therefore the Patriot Act. Companies based in the USA are therefore forced to hand over to American authorities data that is located on servers in foreign jurisdictions. This has been confirmed by Amazon, Microsoft and Google, for example.
Personal data (e.g. applications, assessments, recruitment documents, etc.) therefore does not belong in the cloud of providers such as Amazon, Microsoft and Google.
Integrity
Integrity (from the Latin integritas, “integrity”, “purity”) is one of the three classic goals of information security alongside availability and confidentiality. There is no uniform definition of the term integrity. In the evaluation criteria for information security of the early 1990s (ITSEC), integrity is defined as “preventing unauthorized modification of information”.
Protection requirement
The protection requirement of an object is based on the extent of the damage that can occur if its functionality is impaired. Since the amount of damage can often not be precisely determined, you should define a number of categories suitable for your application, which you can use to differentiate between the protection requirements. Information on the protection requirement can be derived from the systematically carried out protection requirement analysis on the one hand and from the data category on the other. A protection requirement is determined in a differentiated manner with regard to the three protection goals of availability, integrity and confidentiality.
Sync & Share
Sync & Share describes the offering, use and billing of file services over a network that is dynamically adapted to requirements. As a rule, these file services can be used regardless of time and place with the help of all common IT devices. The IT infrastructure provided remains hidden from the user. Furthermore, data can be shared with other people across organizations, e.g. in order to work cooperatively on joint projects. With Sync & Share it is possible to synchronize data on different device classes.
Confidentiality
Confidentiality is the property of a message that it is only intended for a limited group of recipients. Distribution and publication are not permitted. Confidentiality is protected by legal norms; it can also be promoted or enforced by technical means.
Availability
The availability of a technical system is the probability that, or the degree to which, the system will meet certain requirements at a certain point in time or within an agreed time frame. Alternatively, the availability of a set of objects is defined as the proportion of the available objects in the total number of objects in this set (cf. CLC/TR 50126-3). It is a quality criterion and a key figure of a system.
Regional data center cloud services
- UHHSHARE
  Save data in the regional data center and access this data via the browser, client software or apps for mobile devices (iOS, Android, Windows). You get 50 GB of storage space, which can also be expanded. UHHSHARE is comparable to Dropbox or similar services in terms of its functionality.
- Sharepoint
  Would you like to work on documents together? Then use Sharepoint.
- Exchange
  Exchange offers you mail, contacts and calendar in one. A common calendar is particularly useful for working groups.
- GitLab
  The RRZ operates a central Git version and project management service for the university. The open source product GitLab is used here. Git is a distributed version control system. You can use it locally on your computer or, e.g., manage your projects together with other members of the university in the GitLab web frontend provided by the data center.
- DFN Terminplaner
  Data-efficient alternative to Doodle that works without advertising.
- Video Conferencing
  With the video conferencing offer of the DFN you can hold video conferences with good sound and picture quality and without security risks. In addition, you can work in the browser without installation and invite participants without registering; even participation by phone is possible.
- Attachment Uploader
  Sending oversized file attachments by email or using distribution lists? The uploader is the right offer for this.
Use cases or practical examples
The services listed here are just typical examples. The selection does not mean that the services of other providers should not also be critically scrutinized.
Dropbox
Dropbox is a commercially available cloud storage offering. It allows easy synchronization and distribution of documents of all kinds on various platforms. The integration of Dropbox, which is often offered in other programs, makes it difficult to control the data flows.
Use Dropbox only for unproblematic documents and never, for example, for personal documents such as application documents.
Excerpt from the Dropbox Terms of Use:
We collect and use the following data in order to offer, improve and protect our services:
Account - We collect information (and associate it with your account) such as your name and email address, phone number, payment information, mailing address, and account activity. Some of our services allow you to access your accounts and information that you have stored with other service providers.
Services - With our services, we want to make it as easy as possible for you to store your files, collaborate with other users and work across multiple devices. For this purpose, we store, process and transfer your files (in addition to files, messages, comments, photos, etc.) and related information.
GitHub / Sourceforge Software Repository
A use case for scientists who do a large share of software development is the storage and versioning of open source software in publicly accessible repositories. Corresponding services, free for smaller software projects, are provided by Sourceforge or GitHub. These services allow synchronization as well as shared access and conflict resolution in joint software development.
There are no problems with open source software. When developing other software with protection requirements or on behalf of companies, using Sourceforge or GitHub is out of the question.
Google offers a large number of services in the cloud. The most well-known solutions are certainly mail, calendar, contacts and docs. All of these services are integrated into the browser, and the data from one service can be used in the others. The ease of use and, in particular, the ability to work on documents together are popular advantages.
All data is stored on Google servers around the world and some of it is also used by Google for internal evaluations.
The Google services are therefore not suitable for official tasks. In particular, personnel matters and other documents and information worthy of protection may not be stored or exchanged there.
Prezi
The Prezi presentation solution allows - unlike PowerPoint or LaTeX Beamer Class - a non-consecutive and interactive presentation. In addition, Prezi is available on almost all platforms with a browser or in its own application (for iOS). The presentations can also be viewed offline with a special license, but synchronization with mobile devices is only possible via Prezi’s own cloud storage. However, this also allows the presentations to be shared in their original form with students or project partners and even worked on together. A free license from Prezi is available, but only allows presentations to be saved in the Prezi cloud.
As long as you only use your own material (text, images, etc.) or material that is not subject to copyright restrictions in a Prezi presentation, there are no restrictions to be observed.
Skype
Skype is one of the most widely used tools for video conferencing or making phone calls over the Internet.
A look at the terms of use, however, shows that there are considerable risks associated with this in a business environment:
To the extent necessary to provide the Services to you and others (e.g. by changing the size, shape or format of your content for better storage or display), to protect you and the Services, and to improve Microsoft's products and services, you grant Microsoft a worldwide royalty-free license for intellectual property to use your content, for example to make copies of your content or to keep, transfer, reformat your content, distribute it using communication tools and display it via the Services.