Dropbox

dropbox enterprise

Overview

Information Technology Services (ITS) has established a licensing program with the cloud storage provider Dropbox. The UH Enterprise Dropbox is intended for the storing, managing, and sharing of Sensitive or Regulated information as defined in UH Executive Policy 2.214 (UH Institutional Data Classification Categories). Dropbox is meant to be used specifically in situations where a UH Department/Unit needs to store and/or collaborate using Sensitive or Regulated data.

Examples of Regulated or Sensitive data include:

Personally Identifiable Information (PII)
Health Insurance Portability and Accountability Act (HIPAA)
Family Educational Rights and Privacy Act (FERPA)
Additional examples of Sensitive and Regulated Data can be found here (UH login required): Institutional Data Classification Levels

Users with a UH Enterprise Dropbox account must follow all applicable UH Policies, HRS, and External Standards and Regulations related to the safeguarding and protection of data being stored in Dropbox: Policies & Compliance

Due to the sensitive nature of data being stored in the UH Enterprise Dropbox, immediately notify the Information Security Team if there is a suspected or confirmed breach of Institutional Data: Report Security-Related Issues or Incidents

As of May 2023, there will not be any chargeback costs for Dropbox accounts. Please check this site periodically for any changes to this licensing program.

Requirements for use of the UH Enterprise Dropbox

Users must be a valid UH faculty or staff member.
The UH Enterprise Dropbox account cannot be a Departmental account.
The UH Enterprise Dropbox environment is intended for those working with Institutional Data categorized as Sensitive or Regulated. Users working with Public and Restricted data should instead use Google@UH Drive.
Working with Sensitive or Regulated data must be from a UH issued device (desktop, laptop, smartphone, etc.).
All devices used to access Sensitive or Regulated data must follow the ITS Minimum Security Standards (MSS) for Sensitive or Regulated data:
Minimum Security Standards. The ITS MSS are a prioritized set of actions that collectively form a defense-in-depth set of best practices that mitigate the most common attacks against systems and networks based on the Institutional Data type.
Users with a UH Enterprise Dropbox account must follow all applicable UH Policies, HRS, and External Standards and Regulations related to the safeguarding and protection of data being stored in Dropbox: Policies & Compliance
User must notify the Information Security Team if there is a suspected or confirmed breach of Institutional Data: Report Security-Related Issues or Incidents
UH Multi Factor Authentication (DUO) must be enabled to use UH Enterprise Dropbox: Getting setup for Multi-Factor Authentication (MFA)
Users must have completed the UH Information Security Awareness Training (ISAT) within the past 1 year. To check the status of your ISAT, please visit the following link: UH Acknowledgements and Certifications (ACER)

FAQs

What type of information should be stored in the UH Enterprise Dropbox?

The UH Enterprise Dropbox is intended as a solution for the storing, managing, and sharing of Institutional Data categorized as Sensitive or Regulated. If the Institutional Data is categorized as Public or Restricted, use Google@UH Drive. The UH Enterprise Dropbox is not intended to store personal, non-work related files.

As a reminder, Institutional Data no longer needed should be removed. Before removing Institutional Data, ensure any applicable retention periods have been satisfied. Retaining Institutional Data longer than necessary increases the risk exposure of the University.

What if I already have an existing personal Dropbox account?

If a user is invited to the UH Enterprise Dropbox, but has an existing account using their @hawaii.edu email address, they will be asked to decide whether to transfer their files to the UH Dropbox or migrate their existing Dropbox account to a different email address.

Transfer an existing Dropbox Basic or Plus account to Dropbox Business

Who is eligible for a UH Enterprise Dropbox Account?

Valid UH faculty and staff with a need for the storing, managing, and sharing of Institutional Data categorized as Sensitive or Regulated may request an account. The UH Enterprise Dropbox account should only be used for UH business purposes.

Can I request for an account using a UH Departmental Email?

No, all UH Enterprise Dropbox accounts must be tied to individual UH accounts. Due to the audit requirements of Sensitive and Regulated data, accounts must be for an individual.

Is Dropbox Sign included with the UH Enterprise Dropbox Account?

No, the Dropbox Sign (formerly HelloSign) is not included with the UH Enterprise Dropbox licensing program. Please use alternative methods to have documents digitally signed.

Will there be a charge for these accounts in the future?

ITS is currently covering the costs of the UH Enterprise Dropbox for the current fiscal year.

How do I login to the UH Enterprise Dropbox using Single Sign On (SSO)?

The UH Enterprise Dropbox leverages Single Sign On (SSO) to login. This means when attempting to login, you will be directed to the UH Login page first. Upon entering your correct username and password, you will then be logged into Dropbox. UH Enterprise Dropbox login page

How do I sync files between my work issued computer and the UH Enterprise Dropbox?

If you wish to sync files between your work issued UH computer and the UH Enterprise Dropbox, you can use the SmartSync app. Download the applicable client

Information on how to use the SmartSync app

Can I use the UH Enterprise Dropbox to request files?

Yes, Dropbox has a feature known as File Request. A File Request link allows anyone to send you a file, regardless of whether they have a Dropbox account or not. When a user sends you a file, it goes to your Dropbox account. Unless you explicitly share the Dropbox folder or files, only you can view these uploaded files.

What happens to my Dropbox account and data if I leave or change departments/units at the University of Hawaii?

If you leave or change departments/units, your data stays within the UH Enterprise Dropbox. Ownership of the data can be transferred to an existing UH Enterprise Dropbox account to ensure the files are not lost. Once ownership of the data has been transferred, the UH Enterprise Dropbox account will be removed.

Are we able to share data outside of the UH Enterprise Dropbox?

It is strongly recommended to NOT share Sensitive or Regulated data outside of approved and authorized individuals. This is especially the case with people outside of the UH Enterprise Dropbox.

If this is necessary, please refer to the applicable Standard, Act, or Policy (e.g., HIPAA, FERPA, etc.) for specific details on any additional controls, guidelines, or recommendations needed: Policies & Compliance

Remember certain policies, standards, and acts have penalties, fines, notification, and reporting requirements associated with the inadvertent exposure of information.

If there is a suspected or confirmed breach of Institutional Data, notify the Information Security Team: Report Security-Related Issues or Incidents

Can I restore a deleted file?

Yes, Dropbox has a feature allowing you to restore a deleted file. The following link provides instructions on how to restore a file: How to restore or recover deleted files or folders in Dropbox

What if the device I use with Dropbox SmartSync app is lost or stolen?

If you have the Dropbox SmartSync app installed and this device is lost or stolen:

Login to your Dropbox account from another device and perform a Remote Wipe. A Remote Wipe will attempt to force delete any files in the Dropbox folder. Instructions to perform a Remote Wipe
Contact the ITS Help Desk at (808) 956-8883 / toll free: (800) 558-2669, or email (help@hawaii.edu) and let them know your device is lost or stolen. The ITS Help Desk will suspend your account, and if not done already, perform a Remote Wipe.
Notify the Information Security Team that your device, which has the Dropbox SmartSync app, is lost or stolen: Report Security-Related Issues or Incidents

What if I do not have an IT Specialist within our Department when requesting a UH Enterprise Dropbox account?

If you do not have an IT Specialist, please enter the contact information of your direct supervisor.

What are the storage limits per user in the UH Enterprise Dropbox?

Users are allowed 2 TB of storage in the UH Enterprise Dropbox. As you near the 2 TB storage quota, you will be sent alert notifications by Dropbox. Exceeding your 2 TB limit will result in not being able to upload or sync any files. You must remove files to bring your account below the 2 TB quota.

Why can't I connect to the UH Enterprise Dropbox from a mobile device via the Dropbox app?

Since the UH Enterprise Dropbox contains Sensitive and/or Regulated data it must be accessed from a UH issued device. Mobile devices include smartphones and tablets. Due to the portable size and common everyday use of mobile devices, they are at increased risk of being lost or stolen.

If your mobile device is issued by UH, please contact the Information Security team at infosec@hawaii.edu, and request an exception.

How many devices may I use to access the UH Enterprise Dropbox simultaneously?

As a reminder, working with Sensitive or Regulated data must be from a UH issued device (desktop, laptop, smartphone, etc.). There are no device limits when accessing the UH Enterprise Dropbox from a web browser. When accessing the UH Enterprise Dropbox from the Dropbox desktop app, you may connect up to 5 devices. Mobile devices are not allowed to connect to the UH Enterprise Dropbox via the Dropbox mobile app.

Helpful Links

Dropbox Account Request Help

Service Offerings (2)

Request Dropbox Account

Submit a request for a UH Enterprise Dropbox account

Request Help

Not seeing what you need? Request Help!

Updating...