Privacy Policy

IET Cloud Services Brokerage Privacy Policy

updated 2019-12-05

The UC Davis IET Cloud Services Brokerage (CSB) offers various intermediation services as outlined in the UC Davis Service Catalog. The terms, conditions, parameters, and disclosures for these services are outlined below.

  1. All usage of cloud services by customers of the CSB will be conducted pursuant to applicable UC and UC Davis policies, including the Acceptable Use Policy (AUP).

  2. Customer profile data collected through the use of the services may be used for billing, reporting, and analytics purposes.

  3. Excepting efforts necessary to service customer support requests, CSB staff access to customer cloud resources will be constrained as follows:

    1. CSB staff will not alter customer configurations. 

    2. Programmatic logins to customer resources will be limited to the minimum necessary to support billing and security reporting requirements. Interactive logins to customer resources will be limited to "break glass" or non-consensual access functions.

    3. Should a campus application administrator, data steward, or another appropriate officer of the University require access for legitimate business purposes to cloud resources provisioned through the CSB but be unable to gain said access through the customer, the standard "non-consensual access" process will be invoked.

    4. In order to help maintain the security of campus-affiliated campus computing resources, log data relating to administrative console access and usage, as well as instance login and network flow data may be analyzed to detect potential security breaches or threats. Access to this log data will follow a "minimum necessary" rule and will be done by automated systems (such as a SIEM) rather than a human operator to the extent possible.

    5. Security vulnerability scanning may be performed by the UC Davis Information Security Office (ISO) in a manner consistent with the scanning of on-premise campus networks.

    6. Volumetric and aggregate network flow data may be reported on in order to facilitate technical and financial capacity planning, including, but not limited to, sizing of campus interconnect links and balancing of resource distributions. The data content of network traffic will not be accessed.

    7. Network traffic between customer cloud resources and campus resources is subject to the same hygiene provisions as other traffic traversing the campus network border. This activity is governed by existing campus policy and practice.

    8. Cloud resources adversely impacting UC Davis computing resources are subject to action by CSB staff if a customer cannot be contacted or is unable to respond to such an incident in a timely manner.

    9. Cloud resources suspected to be abandoned are subject to deactivation and/or reclamation by CSB staff if business need cannot be confirmed through attempts to reach customer contacts.

  4. These provisions are subject to modification with 30-day advance notice. Customers will be notified of any such changes by means of an email sent to account point-of-contact, billing, and technical contacts on record as well as updates to the CSB ordering portal.

The customer placing this order agrees to the terms and conditions described above.

Revision history
Version Date Notes

20191122.003

2019-12-05 Initial publication to site