Data storage guide for employees

This guide tells you where to process, store, and process information.

Published Updated on

NB! The numbers in the table are reference notes. The notes that correspond to the numbers can be found at the bottom of the article, under "Notes".

The colors in the table are based on the different classifications of information at UiS. Read more about the different information classes and what they mean here.

Storage on Mac, PC or hard drive

Private machine (BYOD)Yes8*NoNo
UiS-owned home machineYes8*NoNo
UiS-operated machineYesYesNoNo
UiS-operated machine - encryptedYesYes1, 3*No
Memory stick / external hard driveYesNoNoNo
Memory stick / external hard drive - encrypted YesYes1, 3*No
VeraCrypt VolumeYesYes1, 3*No
*) See "notes" at the end of this document.


Private e-mail (Gmail, Hotmail or similar)YesNoNoNo
UiS e-mailYesYes2, 3*No
*) See "notes" at the end of this document.

Storage services

UiS TeamsYesYes11*No
UiS OneDriveYesYes12*No
Personal cloud service (Dropbox, Google Drive or similar)YesNoNoNo
UiS Home Area (F: -disk)YesYesYesNo
UiS Common Area (G: disk) (for unit or research group)YesYes6*No
UiS DropboxYesYesNoNo
Uninett FilesenderYesYes3, 4*No
UiS Google Suite for EducationYesNoNoNo
UiS OneDrive (Microsoft 365)YesYes3, 4*No
UiS SharefileYesYesYesNo
UiO TSDYesYesYesYes
UNINETT Sigma2YesYesNoNo
UiS TeamsYesYes3, 4*No
*) See "notes" at the end of this document.

Administrative services

UiS Public 360YesYesYesYes
UiS e-mailYesYes2, 3*No
*) See "notes" at the end of this document.


IntranetYesYesNoNo (Drupal)YesNoNoNo

Other services

Nettskjema (Via TSD)YesYes5*5*
UiS ServiceNowYesYes9*No
UiS CanvasYesYesNoNo
UiS CIMYesYesYesNo
UiS Skype for businessYesYesNoNo
UiS Zoom (*No
SurveyXactYesYesYes, if MFANo
*) See "notes" at the end of this document.

On research data

Two types of data used in research require special attention. These are connection keys, which in special cases are used to connect anonymous data to persons, and consent forms, which belong to persons' submitted information.

Connection keys and consent forms must, as a general rule, always be kept separate from the data to which they belong, and in principle have the same class as the data. TSD contains separate solutions for storing connection keys and consent forms.


1Red data can be stored on a machine with a fully encrypted disk, encrypted memory stick or encrypted external hard drive. FileVault, BitLocker, VeraCrypt etc. can be used as long as they support AES 256/128 bit encryption.
2E-mail with red data can be sent internally at UiS between UiS users, if the label is on. If emails with red data are to be sent to external recipients, the content must be encrypted before sending. Encryption should be done with AES 256/128 bit or better encryption. Such e-mail must NOT be synchronized to a private laptop, mobile phone or forwarded to a private e-mail account.
3Red data should not be downloaded or retrieved to the home area, machines without encrypted disk, or other storage locations that can not store red data.
4The data must be encrypted on the storage medium. For example, use of Microsoft labels (AIP label), 7-zip (password stored elsewhere.), FileSender ("File Encryption (beta)")
5Nettskjema supports the collection of information and transfer directly to TSD, which is approved for storing black data. Red data collected in Nettskjema must be deleted within a reasonable time, or moved to a different storage location or Public 360. Nettskjema dictaphone and picture app stores data encrypted, and is considered to be usable on private devices as well.
6Red data can be stored in common storage drives after assessment and facilitation of access control.
The service is ordered from the service portal.
7Red data is allowed in Zoom, but you have to strictly follow recording guide for red data in Zoom. If you need to record red data in Zoom, follow additional requirements in the recording guide.
8As a general rule, yellow data should not be processed on a private or self-administered machine. Some use is permitted provided that you follow the guidelines for use of a private machine to store yellow data.
9Red data can be stored in UiS ServiceNow after a storage assessment. It must be ensured that red data is not in open queues. There are routines for deleting red data. Contact if you need help with storing, processing or deleting of red data in ServiceNow.
10Project files for Nvivo that contain red data must be stored on a UiS-computer with encrypted hard drive, or an encrypted external drive/memory stick.
11Storing red data in Teams requires that the Team is set to confidential. In addition to this, all files have to be labeled as confidential. See guide for storing red data in Teams and OneDrive (NOR).

Use Teams to cooperate and share files with others. Use OneDrive if the files are only for your own use.
12Storing red data in OneDrive requires that all files are labeled confidential. See guide for storing red data in Teams and OneDrive (NOR).

Use OneDrive for files that are only used by yourself. Use Teams to share files.