University Licensed Cloud Storage Applications
Note: While cloud storage is not a substitute for a data backup strategy, having data replicated in the cloud is insurance against risks like theft or hardware failure.
The following are supported and licensed by UC San Diego for use by faculty, staff, and students
Google Drive (a G Suite for Education application)
For individuals who are unfamiliar, or not yet using Google Drive, more information and how to get started can be found here.
In My Drive, the Principal Investigator (PI),or data owner, can create a hierarchical structure of folders for lab members’ data. Under the UC San Diego licensing agreement with Google, users have unlimited storage space.
We recommend:
- The folder at the highest level not be shared.
- Applying the Principle of Least Privilege, where users are given access only as necessary. This can help to maximize data security, including fewer opportunities for accidental data overwrites or deletions.
- Assigning lab members as a 'contributor', allows for files or folders to be created and shared, but may not be deleted.
- Assigning lab members with 'content manager' access allows for deleting of files or folders at the folder level where access has been granted.
- Consider assigning specific lab members the role of 'content manager' to allow for deletions and cleanup at the level which that member will be the primary contributor (e.g. labmember1 is content manager for folder Project1_LabMember1 but only contributor to the parent folder Project1Name).
- Creating nested folders within the parent folder:
- For each lab member
- For subset(s) of members who share data
- Using a consistent naming convention (e.g., Project1_LabMemberName).
- Sharing only necessary folders with individual lab member-user.
- As appropriate, group leaders create student folders under their own folder and share individually.
- Note: The Drive owner will have to approve share requests made by group leaders or other delegates working under the PI's permissions.
- Limiting the number of users who can access a particular folder in order to minimize the potential for accidental data overwrite or deletion.
- Developing lab procedures that reflect effective practices for data safeguards, oversight, and retention. We do not recommend that students save a separate copy because of potential data synching issues. However, these recommendations do not prohibit anyone from saving a separate copy of their data locally or in their personal Google Drives.
Example of recommended file structure
For more information about G-Suite for Education at UC San Diego, visit this Blink page
Health Sciences personnel should consult this Pulse page
OneDrive for Business
As an alternative to Google Drive, UC San Diego's licensing agreement with Microsoft provides for allocations of 5TB in OneDrive, available to all UC San Diego students, faculty, and staff. A similar folder and permissions structure as outlined above can also be created in OneDrive.
Quick access to OneDrive via web browser.
Points of Note:
- When granting access and applying the Principle of Least Privilege, please note the following for OneDrive:
- Assigning ‘can edit’ privilege to project members, allows for files or folders to be created, modified, deleted, and shared.
- Assigning ‘can view’ privilege to project members, allows for files or folders to be viewed only.
- Members with edit privileges may share folder with others without requiring the owner's permission.
- The UC San Diego Campus OneDrive and UC San Diego Health Sciences OneDrive are under separate licenses.
- Furthermore, the UC San Diego Health Sciences OneDrive licenses are owned independently by departments. These licenses have user allotments of either 1TB and 5TBs depending on the department.
- UC San Diego Health Sciences OneDrive will allow sharing with non-health affiliated users entering the user's full email address and adding as a guest to the shared folder or document.
For more information about OneDrive at UC San Diego, visit this Blink page
Health Sciences personnel should consult this Pulse page
Commercial Cloud Storage Supported by UC Business Associate Agreements (BAA)
Commercial cloud providers offer affordable data storage solutions, in particular long-term storage (cold and archival), and these are often recommended as options for storing secondary copies of data. Those interested in getting started with commercial cloud services should contact research-it@ucsd.edu in order to take advantage of benefits to users under UC San Diego's Consolidated Billing Program.
Benefits may include (depending on the service provider chosen):
- 11% discount on all services under UC negotiated rate
- Additional discount on data egress under UC negotiated rate
- Additional 1% discount offered by reseller
- Federated login
- Multi-factor authentication
- Access to spend-monitoring and security-risk dashboards at no cost (licensed by UC San Diego)
- Monthly recharge billing
- Access to in-house technical expertise
If commercial cloud storage is a solution under consideration, these best practices are advised:
- Be cautious, as data egress (downloading) can be costly and minimum storage durations apply to infrequently accessed data, which may result in additional charges.
- Schedule regular deposits of archival data to reduce the volume of active storage and provide the assurance that data is in a durable and secure environment.
- Consider using automated workflows to move data between storage classes. This can significantly reduce costs.
- The service offerings of cloud providers can be challenging - contact research-it@ucsd.edu for additional guidance and advice.
Example: Cost Savings Between Storage Classes
An illustration of potential cost saving variances between active and cold storage tiers might look as follows:
Amount of Data | Description | Minimum Storage Duration | Retrieval Time | Cost per Month |
|---|---|---|---|---|
| 5TB | Standard: Active data | None | -- | $117 |
| 5TB | Infrequently accessed data | 30 days | -- | $64 |
| 5TB | Very infrequently accessed data | 90 days | Minutes to hours | $20 |
| 5TB | Archival data | 180 days | 12 hours | $6 |
Note: Rates above are shared only as an example and should not be relied upon for accuracy.
Calculating Costs in the Cloud
Please use these calculators to help determine current, actual costs with these service providers.
- Amazon Web Services Pricing Calculator
- Google Cloud Platform Pricing Calculator
- Microsoft Azure Calculator
Learn more about commercial cloud service providers, UC negotiated agreements, and how to request an account under the Consolidated Billing Program here
Need help establishing a data management best practice workflow for your research group or lab? Please contact research-it@ucsd.edu
Last updated: 9/23/20