UCLA Allowable Data Use - Microsoft Azure Online Services
UCLA faculty and staff use of the cloud computing services available via the UC-wide Microsoft Azure Online Services agreement must comply with applicable University policies, notably policies relating to the protection of University data and the UC Electronic Communications Policy. This includes the data use requirements in the table below, which are based on the UCLA Data Classification Standard and University-negotiated agreements established to help safeguard information about individuals and other confidential information for which the campus is a steward.
Always employ due care when processing, transmitting, or storing sensitive information. Violation of these data use policies may result in disciplinary action up to and including termination.
Contact IT Services Client Support at clientsupport@it.ucla.edu if the data you have is listed in the middle (yellow) column below, if you have data that does not appear in the table, or if you have any other data use questions.
Table 1. Data use requirements for Microsoft Azure Online Services
Permitted |
Contact Client Support |
Prohibited |
---|---|---|
|
|
|
1 A Business Associate Agreement (BAA) is in place between UC and Microsoft, but it currently only covers a subset of available Azure Online Services: Active Directory, Advisor, API Management, Application Insights, Automation, BizTalk Services, Cognitive Services, Cloud Services (Web and Worker Roles), Databricks, DevOps (formerly VSTS), DevTest Labs, Information Protection, Key Vault, Kubernetes Service (AKS), Log Analytics, Media Services, Microsoft Azure Portal, Mobile Services, Monitor, Multi-Factor Authentication, Power BI Embedded, Resource Manager, Rights Management Service, Scheduler, Security Center, Service Bus, SQL Database, Storage (Blobs, Tables, Queues), Traffic Manager, Virtual Machines (including with SQL Server), Virtual Network and Websites.
2 The following Azure Online Services are not currently covered under the Business Associate Agreement (BAA) in place between UC and Microsoft, so may not be used to process, transmit, or store individuals' health information: Backup, Cache, CDN, Event Hubs, ExpressRoute, HDInsight, Machine Learning, Notification Hubs, Azure RemoteApp, Site Recovery and Visual Studio Online.
3 For more information regarding export control regulation at UCLA, see: http://ora.research.ucla.edu/RPC/Pages/nsreg.aspx
4 The UC Microsoft Azure Online Services agreement does not cover third party applications or software that may be designed to run on or otherwise interface with Azure.
Logon to the Software Central Store to access the terms and conditions of the UC Microsoft Azure Online Services Agreement and the UC Microsoft HIPAA BAA Agreement. (valid UCLA logon required)
Follow this link for instructions on How to Establish a Microsoft Azure Online Account at UCLA
Follow this link to view the UCLA Microsoft Azure Online Services Review PowerPoint Presentation
Gartner has published research regarding Microsoft Azure that may be helpful. This research is available to UCLA faculty and staff at no cost under UCLA’s Gartner membership. To access this research, go to UCLA’s Gartner Research Portal, log in with your UCLA credentials and search for:
Microsoft Azure: In-Depth Assessment (G00263763)
Blueprint for Architecting Web Application Availability at Microsoft Azure (G00265214)