We've thoroughly investigated the legal situation and there is no reason why most data can't be stored in the cloud.

You may remember that an earlier project rejected a move to cloud computing because of concerns about data security - a number of changes have been made since then which reduce the earlier risks.  

However, there are some significant exceptions - for example, sensitive research data - and departments will need to ensure that such data is handled appropriately. We provide more detailed information on Privacy and data protection, and you can contact the University's Data Protection Co-ordinator for advice.

We believe that Google will provide a more secure email system than we can provide on campus.

Google have 24/7 cover with dedicated security teams, secure data centres worldwide, and many other systems that we cannot duplicate.

In addition to this, if you'd like to protect against the most likely cause of data loss (ie your password being stolen), Google mail supports two-factor authentication, which makes it very secure.

See Getting started with 2-step verification for more information. 

Google Docs is very secure - by default, newly created documents are only accessible by the document owner. Access is granted either by changing the sharing settings (for example, giving individuals or groups the right to view or edit a document) or by adding the document to a collection, so that it inherits the collections sharing settings.

To ensure that offsite connectivity is resilient, we are upgrading our link to the Yorkshire and Humberside Universities' Metropolitan Area Network (YHMAN), which also provides access to SuperJANET and to the Internet.

Access to some Google products is blocked within China. Not all tools within the suite are blocked at all times - it's possible to check the current situation using:

• ReadWrite Enterprise - Google Apps in China
• Blocked in China

You can check whether Google tools are running normally on their status dashboard:

• G Suite Status Dashboard

Our advice is that members of the University visiting or based in China use these resources to see what's currently available/unavailable.

Google also restrict access to some services in certain countries including (at the time of writing) Iran, Sudan, Syria, North Korea and Cuba. They maintain a full list online:

• Countries with restricted access

You may be able to access G Suite using either the University’s VPN or the Virtual Desktop Service. However, it is possible that access to these services may also be blocked in some areas.

Accessing resources using the University VPN

If you are able to connect to the University VPN (Virtual Private Network), it will allow you to access resources which are otherwise restricted in a country. Find out how to access the VPN at:

• Using the VPN

We recommend installing Pulse Secure application to connect to the VPN. This will give you the best experience for using Google Mail and other resources.
Note: If you're using the Web VPN (by logging into https://webvpn.york.ac.uk through your browser), you will find that you are unable to login to your Google account as the Google login screen does not work through the Web VPN.

Accessing resources using the Virtual Desktop Service

You can also connect via the Virtual Desktop Service (VDS).

• Using the VDS

The HTML5 version of the VDS allows you to login through a modern web browser without needing to install any additional software:

• VDS (HTML5 version)

The Virtual Desktop Service allows you to log into a virtual Windows machine running on the University systems. You can use this to access https://mail.google.com, the other G Suite apps (Google Drive, Google Calendar, etc) and other resources.

We would strongly recommend that you don't do this.

Because this is a University-provided facility, it may sometimes be necessary for us to access your email and files This is only done with appropriate permissions and in accordance with legal requirements and University regulations, but we advise that you maintain a separate account for personal email and documents.

When an account is deleted, all the data associated with it - including email, Google Docs, sites etc is deleted. However, this doesn't happen immediately someone leaves - instead the account is suspended for 12 months, which allows a grace period when vital information - for example, shared documents which the department requires access to - can be retrieved by IT Services in accordance with applicable laws and regulations.