Google Workspace Information Security Standards
Overview
You are personally responsible for how you share University information you place in Pepperdine Google Workspace Drive and Apps. In summary: Do not store or transmit RESTRICTED information with Google Workspace; do not share Confidential information to "anyone with the link" but only with specific individuals and groups; do not use personal Google accounts to do University work. For detailed Google Security facts and procedures see the Security Standards and Guidelines for Google Workspace white paper from Pepperdine Information Security.
Skip to a Specific Guideline or Standard:
Confidential Information in Drive |
Google Workspace Security |
Advertising Limits in Google Workspace |
Sharing Email and Calendar |
Personal Accounts for Pepperdine Business |
Information in Drive
Almost all educational and business records, including email, at Pepperdine is Confidential data. For detailed information on data classification see the University policy.
Sharing Option |
When to Use This Option |
What This Option Does |
PrivateOnly people explicitly granted permission can access. Sign-in required. |
Recommended |
This option keeps the doc/file private to the owner of the document and to those the owner of the document specifies the file can be visible to. This will require users to enter their Pepperdine NetworkID and Password to access the information. The owner of the document can also list a Google Group that contains only the appropriate Pepperdine users. |
People at Pepperdine University with the linkPeople at Pepperdine University who have the link can access. |
Permitted when appropriate |
This will require users to enter their Pepperdine NetworkID and Password to access the information. Remember: Before selecting this option ask yourself is the information a need-to-know for all faculty, staff, and students at Pepperdine? |
Pepperdine UniversityPeople at Pepperdine University who have the link can access. |
Permitted when appropriate |
This will require users to enter their Pepperdine NetworkID and Password to access the information. Remember: Before selecting this option ask yourself is the information a need-to-know for all faculty, staff, and students at Pepperdine? |
Anyone with the linkAnyone who has the link can access. No sign-in required. |
Never with this class of information |
This option bypasses the required password security. |
Public on the webAnyone on the Internet can find and access. No sign-in required. |
Never with this class of information |
This option bypasses the required password security. |
NOTE: When documents or files are moved into a shared folder (folders within Google Drive that are shared with a specified group of users) those files will adopt the same sharing setting of the shared folder. Be sure to check a file's sharing permissions when you move it from folder to folder to ensure the proper sharing setting are engaged.
Google Workspace Security
The systems that make up Google Workspace for Education are as secure as Pepperdine University's best local systems, if not more so. You are the key to security and ensuring the appropriate documents are shared with the appropriate people to preserve the trust in the University.
Advertising Limits and Privacy in Google Workspace for Education
Google Workspace for Education terms do not permit ads or tracking in the core services. In contrast to commercial Google Workspace instances, all indexing done by Google in Google Workspace is private to our organization's individual users (e.g. to allow you to search your documents folders or inbox). Find out more about Google Workspace privacy on their answer page or read the Google Workspace for Education privacy notice.
Sharing Email and Calendar
It is actually prohibited by University policy to share your password to access email or calendar. Sharing can be accomplished via Delegate Access in Google Mail and Calendar Sharing in Google Calendar.
Personal Accounts for Pepperdine Business
While many people access their consumer Gmail and Drive accounts for personal reasons during the workday, this is not a reason to use a personal account to handle work or store University data. Use of personal email and cloud storage for handling University business or records is strongly discouraged as it removes University control from its data.