Usage of external cloud services
Assessments for the usage of external cloud services at ETH Zurich
Assessment for service intermediaries (download for Adobe Acrobat):
protected pageRelease Form «External Cloud Service»lock
Assessment for information owners (download for Adobe Acrobat):
protected pageOutplacing Information to an external Cloud Servicelock
Please submit the compiled forms to the CISO of ETH Zurich.
List of released external cloud services
You can find the list of external cloud services released for use at ETH Zurich here: protected pageList of external cloud serviceslock
The IT-Guidelines and IT- Baseline Protections Rules of ETH Zurich regulate the use of information in external IT services (e.g., external cloud services).
Following the above procedure creates the possibility for storing and processing data classified as "internal" and "confidential" in specific external cloud services that have been evaluated and approved for this purpose, with corresponding security and data protection standards.
Data classified as "strictly confidential" must not be stored in the cloud (compare Art. 22 resp. Art. 22bis of the Directive on Information Security at ETH Zurich).
Further information
- Rules for the usage of external cloud services: IT-Guidelines and IT- Baseline Protections Rules of ETH Zurich
- Regulation for the correct classification of data confidentiality:
Directive on Information Security at ETH Zurich
- Information on the use of ETH IT resources and infrastructure:
ETH Zurich Acceptable Use Policy for Information and Communications Technology (“BOT”)
- Polybox: Storage space that is available to all ETH members. The Polybox also enables collaborative work on documents. Confidential data may be stored in the Polybox.
- If a particularly high level of protection for research data must be ensured, the Scientific IT Services offer suitable platforms such as Leonhard Med.