How to Remotely Access Your Work Data in a

advertisement
How to remotely access your work
data in a safe and sane manner
Andrew Philipoff
Infrastructure Manager
UCSF Department of Medicine
Information Technology Services
How to remotely access your UCSF work
data without getting fired or sued
Andrew Philipoff
Infrastructure Manager
UCSF Department of Medicine
Information Technology Services
Have you ever needed to access your work related
data from outside the UCSF network?
•
•
•
•
•
•
Sick?
Can’t come to work?
Need after hours access?
Working from home?
On vacation?
Traveling?
3
Obtain approval
Please check with your supervisor or human
resources representative prior to working from
home or from a remote location.
4
Where is your work data stored?
•
•
•
•
•
In a shared folder on a UCSF file server (VPN)
On a UCSF desktop computer (VPN)
UCSF Box Service
mail@UCSF email service
MyResearch
5
VPN
• Virtual Private Network
• A method to extend the UCSF network to your
remote location
• https://vpn.ucsf.edu/
• Login with MyAccess credentials
• Web browser based VPN client?
• Network Connect Client (full VPN client)?
6
Web browser based VPN client
•
•
•
•
•
Microsoft Windows: Internet Explorer
Apple OS X: Safari
Map a network drive or a RDP connection
Advantage: Easy to use and configure
Disadvantage: slightly clumsy, need to
download and upload files to edit
• Potentially leaves sensitive files on your
remote computer
7
Network Connect Client (full client)
• Apple OS X, Apple iOS and Microsoft Windows
• Login on https://vpn.ucsf.edu/, click on the Start
button and follow prompts to install
• Advantage: Allows seamless access to shared folders
and other network resources
• Disadvantage: Client installation required, need to
disconnect from shared folders prior to
disconnecting from VPN
8
Use the full VPN client to access a shared
folder on a file server
• Microsoft Windows: Start>Juniper
Networks>Network Connect>Network
Connect
• Apple OS X: Finder>Applications>Network
Connect
• Map a network drive connection:
• Microsoft Windows: \\server.ucsf.edu\folder
• Apple OS X: smb://server.ucsf.edu/folder
9
Data stored on a desktop
• Remote Desktop Protocol
• Microsoft Windows only, RDP clients are not
installed by default on all versions of Windows
• An Apple OS X RDP client is available for
connecting to Windows computers
• Allows you to remotely access and control the
desktop of your Windows work computer
• Use of VPN required
• Not all IT groups allow or support the use of RDP
10
UCSF Box Service
•
•
•
•
•
•
•
•
•
Official UCSF cloud storage solution
What is cloud storage?
https://ucsf.box.com/ VPN not required
Login with MyAccess or Active Directory credentials
Accessible from virtually any web browser or operating
system
60GB of storage, up to 5GB files
Sharing can be enabled with internal and external
collaborators
Install Box Edit to create and edit files
Box CANNOT be used for ePHI, FERPA or sensitive data at
this time
11
Box for Office
• Add-in for Microsoft Office 2007, 2010, and
2013 on Windows computers
• Allows Excel/PowerPoint/Word to access files
stored in the UCSF Box service
• Open, edit and save a file already stored on
Box
• Open a new or existing file locally and save
directly to Box
12
Are other cloud services OK?
• No! No! No!
• The only approved cloud service for use at
UCSF is https://ucsf.box.com/
• Only the UCSF Box service has a business
associates agreement with UCSF
• You may be personally liable for a data breach
involving UCSF data stored in other cloud
storage solutions
13
UCSF Exchange email service
• The mail@UCSF web mail service https://mail.ucsf.edu is
more secure than using the Microsoft Outlook client on a
typical desktop/laptop home computer
• If you configure/use a desktop Outlook client, a cached
copy of your email will be stored on your home computer
• If your home computer is lost or stolen, that cached
email could be accessed without your consent
• Install Box for Outlook to send links to files already stored
in Box and convert attachments to Box shared links
• If you have an encrypted, UCSF provided laptop, using
the installed Outlook client is a secure method of
remotely accessing your email
14
Additional collaborative systems
• Instant messaging via the im@UCSF service
• Video conferencing via Cisco Jabber (formerly
known as Movi)
• Salesforce Chatter
https://ucsf.my.salesforce.com/
• MyResearch: a secure, web based,
collaborative environment that can be used to
store files containing sensitive data
https://myresearch.ucsf.edu/
15
UCSF data policies
• Clearly understand your responsibilities
when handling UCSF data
• UCSF Minimum Security Standards for
Electronic Information Resources Policy
• UCSF Roles and Responsibilities for
Securing Electronic Information Resources
Policy
• UCSF Authorized and Acceptable Use of
Electronic Information Resources Policy
16
Resources
•
•
•
•
•
VPN@UCSF: https://vpn.ucsf.edu/
UCSF Box Service: https://ucsf.box.com/
mail@UCSF: https://mail.ucsf.edu
IM@UCSF: http://it.ucsf.edu/services/im-ucsf
Cisco JABBER Video: http://it.ucsf.edu/services/ciscojabber-video-desktops-and-laptops-formerly-movi
• Salesforce Chatter https://ucsf.my.salesforce.com/
• MyResearch: https://myresearch.ucsf.edu/
• IT@UCSF: http://it.ucsf.edu/
17
Questions?
18
Contact information
Andrew Philipoff
Infrastructure Manager
UCSF Department of Medicine
Information Technology Services
415-476-1344
andrew.philipoff@ucsf.edu
19
Download