Change in file sharing policy with externals via OneDrive or Sharepoint
As of 13 December 2022, additional logging will be enabled for file sharing with remote users (without Solis ID) from Sharepoint or OneDrive. This is done in order to adequately intervene when there is a data breach.
This involves monitoring the following data:
- which UU user shares the file?
- at what moment?
- with which external party/parties is it shared?
- file name and type.
Purpose
The aim of logging the above data is to be able to take adequate and targeted action in case of a data breach. This additional security measure is therefore taken in consultation with the security and privacy departments.
Do I notice anything?
Every time you share a file from Sharepoint or OneDrive with someone outside UU, an e-mail is automatically created containing a link to the file. This gives the external person access to this file. As of 13 December, an additional e-mail address will automatically be in the BCC of these e-mails. A copy of the e-mail will then be sent to a UU e-mail box. You will recognise this by an @uu.nl address with 'Sharepoint' in the name. The emails in the relevant mailbox will not be looked at unless a data breach is reported that may be related to a file. In addition, in the interests of transparency, it will also be made clear to the external (receiving) party that this data is being logged. The external party will receive an e-mail from this address containing a privacy statement in both Dutch and English.
Questions?
Please contact the ICT Service Desk.