University Licensed Cloud Storage Applications

While cloud storage is not a substitute for a data backup strategy, having data replicated in the cloud is insurance against risks like theft or hardware failure. 

The following are supported and licensed by UC San Diego for use by faculty, staff, and students

Google Drive (a G Suite for Education application)

For individuals who are unfamiliar, or not yet using Google Drive, more information and how to get started can be found here.

In My Drive, the Principal Investigator (PI),or data owner, can create a hierarchical structure of folders for lab members’ data. Under the UC San Diego licensing agreement with Google, users have unlimited storage space.

We recommend: 

• The folder at the highest level not be shared. 
• Applying the Principle of Least Privilege, where users are given access only as necessary. This can help to maximize data security, including fewer opportunities for accidental data overwrites or deletions.
  • Assigning lab members as a 'contributor', allows for files or folders to be created and shared, but may not be deleted. 
  • Assigning lab members with 'content manager' access allows for deleting of files or folders at the folder level where access has been granted.
  • Consider assigning specific lab members the role of 'content manager' to allow for deletions and cleanup at the level which that member will be the primary contributor (e.g. labmember1 is content manager for folder Project1_LabMember1 but only contributor to the parent folder Project1Name).
• Creating nested folders within the parent folder:
  • For each lab member 
  • For subset(s) of members who share data
• Using a consistent naming convention (e.g., Project1_LabMemberName).
• Sharing only necessary folders with individual lab member-user.
• As appropriate, group leaders create student folders under their own folder and share individually.
  • Note: The Drive owner will have to approve share requests made by group leaders or other delegates working under the PI's permissions.
• Limiting the number of users who can access a particular folder in order to minimize the potential for accidental data overwrite or deletion. 
• Developing lab procedures that reflect effective practices for data safeguards, oversight, and retention. We do not recommend that students save a separate copy because of potential data synching issues. However, these recommendations do not prohibit anyone from saving a separate copy of their data locally or in their personal Google Drives.

Example of recommended file structure

For more information about G-Suite for Education at UC San Diego, visit this Blink page

Health Sciences personnel should consult this Pulse page

OneDrive for Business

As an alternative to Google Drive, UC San Diego's licensing agreement with Microsoft provides for allocations of 5TB in OneDrive, available to all UC San Diego students, faculty, and staff. A similar folder and permissions structure as outlined above can also be created in OneDrive.

Quick access to OneDrive via web browser.

Points of Note:

• When granting access, there is only an 'allow edit' option that must be checked for members to make changes within the shared folder which includes add and delete permissions.
• Members with edit privileges may share folder with others without requiring the owner's permission.

For more information about OneDrive at UC San Diego, visit this Blink page

Health Sciences personnel should consult this Pulse page

Commercial Cloud Storage Supported by UC Business Associate Agreements (BAA)

Commercial cloud providers offer affordable data storage solutions, in particular long-term storage (cold and archival), and these are often recommended as options for storing secondary copies of data. Those interested in getting started with commercial cloud services should contact research-it@ucsd.edu in order to take advantage of benefits to users under UC San Diego's Consolidated Billing Program.

Benefits may include (depending on the service provider chosen):

• 11% discount on all services under UC negotiated rate
• Additional discount on data egress under UC negotiated rate
• Additional 1% discount offered by reseller
• Federated login
• Multi-factor authentication
• Access to spend-monitoring and security-risk dashboards at no cost (licensed by UC San Diego)
• Monthly recharge billing
• Access to in-house technical expertise 

If commercial cloud storage is a solution under consideration, these tips may be useful:

• Be cautious, as data egress (downloading) can be costly and minimum storage durations apply to infrequently accessed data, which may result in additional charges. 
• Schedule regular deposits of archival data to reduce the volume of active storage and provide the assurance that data is in a durable and secure environment.
• Consider using automated workflows to move data between storage classes. This can significantly reduce costs.
• The service offerings of cloud providers can be challenging - contact research-it@ucsd.edu for additional guidance and advice.

Example: Cost Savings Between Storage Classes

An illustration of potential cost saving variances between active and cold storage tiers might look as follows: 

Note: Rates above are shared only as an example and should not be relied upon for accuracy.

Calculating Costs in the Cloud

Please use these calculators to help determine current, actual costs with these service providers.

• Amazon Web Services Pricing Calculator
• Google Cloud Platform Pricing Calculator
• Microsoft Azure Calculator

Learn more about commercial cloud service providers, UC negotiated agreements, and how to request an account under the Consolidated Billing Program here

Need help establishing a data management best practice workflow for your research group or lab? Please contact research-it@ucsd.edu 

Last updated: 9/23/20