skip to content

IT Help and Support

University Information Services
 

AWS uses a shared responsibility model for security and compliance. Broadly, in this AWS is responsible for securing the underlying infrastructure used to deliver its cloud services while you retain responsiblity for any data that your store within your AWS Organization. However, additionally you do continue to be responsible for some elements of security and compliance when using services covered the AWS framework agreement.

The division of responsibilities for security and compliance vary between different services offered under the AWS framework agreement. You must ensure that you are aware of the elements for which you retain responsibility on a per service basis. This is normally outlined in the service description.

 

Consequently when taking any service under the AWS framework agreement you must be aware of the following:

  • AWS is responsible for securing the underlying infrastructure used to deliver its services. However, you may remain responsible for configuration settings relating to patches and maintenance. For example, in some services you may need to configure the periodicity and timings of when software updates are applied and any backups are scheduled.
  • AWS provides security and compliance information through AWS Artifact. You can use this to view Service Organization Control Reports, Payment Card Industry (PCI) Reports and check any certifications that apply to the AWS security controls in use on your AWS Organization account.

  • You can adjust the configuration settings for any service in the AWS console. Such adjustments may affect the security settings applied to your data and other arrangements relating to compliance. Training and support to assist you in developing expertise in how best to configure AWS for your needs is available.
  • The AWS General Data Protection Regulation (GDPR) Centre provides comprehensive information about how different AWS services comply with GDPR. The AWS Data Processing Addendum is incorporated into the AWS service terms.
  • You remain responsible for any data that you tranfer, process or store within AWS and the University continues to be the Data Controller for any such data. Consequently you must ensure that you have analysed the security and any data protection requirements for each of your AWS use cases and that these are appropriate for the data you intend to transfer to AWS.

If you are considering transferring, processing or storing any health data, including anonymised health data, in AWS you must consult in the Clinical School before any data transfers are made.

The University's AWS contractual terms specifically exclude AWS from any liability as a result of data loss.

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

Your University GoogleDrive: 20GB quota limit from December 2022

19 January 2022

Google is replacing its G Suite for Education model licensing model in October 2022. As a result, there will be a new limit of 20GB on personal GoogleDrive spaces provided with G Suite@Cambridge accounts. If your GoogleDrive usage exceeds 20GB after 1 December 2022, your University account GoogleDrive will become read-only until your usage is brought below 20GB.

Moodle offline for upgrade during 06:00–12:00 on Tuesday 11 January

10 January 2022

Moodle will be unavailable from 06:00 to 12:00 on Tuesday 11 January while we upgrade it to version 3.9. During the upgrade, you won’t be able to view or upload sessions on Panopto because access is managed via your Moodle login. Assessment Moodle, ICE Moodle and Clinical School Moodle users will be unaffected. An outline...

HEAT authentication method changing to Azure on 13 January

7 January 2022

We're changing the authentication method for the IT service management system, HEAT, to Microsoft Azure on Thursday 13 January 2022. What is changing? You should continue to use the same URL for accessing HEAT: https://uniofcam.saasiteu.com. However, the 'Sign in' screen you'll be directed to will look slightly different,...