SecureShare File Share Requests and Share Owner Responsibilities

SecureShare file shares are for storing and archiving confidential data for a period of time.

• Share access is restricted to a small group of people.
• Shares are accessible only from “trusted” (faculty/staff) computers on campus using the VPN connection profile On_Campus_Secure_Data_Access in the Cisco AnyConnect client.
• Shares can be requested by opening a TechHelp ticket.
• Share access is controlled by permissions groups managed by specific share owners, known as group sponsors.

Responsibilities

Share owner responsibilities include:

• Maintain read-only and read/write access to the share.
• Establish file management procedures to ensure efficient and appropriate use of the share.
• Communicate how to open and use the share with all share participants.
• Answer questions on an ongoing basis.
• Notify the Office of Technology Services if a share is no longer needed.
• Make sure that data stored in the share follows university retention policies.
• Maintain records of who has access.
• Perform periodic audits of permission group membership and sponsors (share owners).

Permissions

• Share owners are responsible for maintaining permissions for the share.
• Multiple share owners may be identified to provide backup for the primary share owner.
• For each share, there will be two permissions groups:
  • One for ReadOnly permissions
  • One for ReadWrite permissions.
• Permissions are for the entire share; additional granularity of permissions is not supported. 
• Share owners are sponsors of these permissions groups. The Office of Information Security requires share owners to periodically perform audits of permission group sponsors and members.
• For instructions, see the Manage File Share Permissions Groups article.

Data retention

• As a SecureShare owner, you are responsible for maintaining retention records for documents that contain confidential data.
• Elements in the retention record should include, but not be limited to:
  • The purpose of the documents
  • How long you need to store the documents.
• You may wish to store the retention records/documentation in a specific folder on the file share itself, as well as retain a copy on your own.

Share access

• Shares are accessible from “trusted” (faculty/staff) desktop computers on campus using the VPN connection profile On_Campus_Secure_Data_Access in the Cisco AnyConnect client.
• Direct access to SecureShare file shares from wireless networks, lab computers, conference room computers, other shared computers, and other VPN connections is not permitted.
• Faculty and staff who need to access a SecureShare file share via a wireless laptop or shared computer may connect to their main desktop via Remote Desktop (http://remotedesktop.towson.edu) and then connect to the share.

Backups

• Shares are backed up nightly, with the standard 10-day retention and 10 versions.
• Requests to restore files should be submitted through TechHelp (http://techhelp.towson.edu) or by contacting the OTS Help Center.

Request a SecureShare

To create a new SecureShare:

1. Open a ticket from the TechHelp Services File Share Category.
2. Specify a name for the share, preferably something specific to its purpose.
   • 8-18 characters in length
   • No spaces
   • Letters and numbers only
   • Share names are ultimately decided by OTS to avoid conflicts with existing and potential share names
3. Once the share is ready, OTS will send the share owner information including the share name, names of the permissions groups, and instructions.
4. The Office of Information Security will periodically request that the share owners audit (review) the permission group sponsors and members.