Yale classifies its data and IT Systems as high, moderate, or low risk.
As a user of Yale’s data, you are responsible for ensuring you access and store your data in services that match your risk classification.
Do you know the risk of the work that you do? If not, visit our Risk Classification Guideline to learn more.
Looking for a service to do your work at Yale securely? This page outlines commonly used services at Yale. These services can be configured to meet the highest risk classification listed when used appropriately.
Note: this page replaces what was previously called the Approved Services page.
Find services that can meet your risk classification
Below is a list of commonly used services at Yale. The chart indicates the highest risk classification the service can meet.
The Information Security Office (ISO) offers the Security Planning Assessment (SPA) process. The SPA process can confirm if services are secure for the risk classification of your work. This includes services not listed below.
Request a SPA Learn more about the SPA
| Services | Low Risk | Moderate Risk | High Risk |
|---|---|---|---|
| Audio and Video Conferencing: Zoom, Skype for Business, Microsoft Teams | Yes | Yes | Yes |
| Audio and Video Conferencing: WebEx, Cisco Meeting Place | Yes | ||
| Data Backup: CrashPlan, Storage@Yale | Yes | Yes | Yes |
| Calendar: Office 365 | Yes | Yes | Yes |
| Calendar: EliApps | |||
| Clinical Trials Management: Oncore | Yes | Yes | Yes |
| Content Management: Drupal, CampusPress (WordPress) | Yes | ||
| Document Management: Box at Yale, EliApps, Google Team Drive, Globus | Yes | Yes | |
| Document Management: Secure Box, Sharepoint, Storage @ Yale, Office 365 OneDrive, Microsoft Teams, FileNet | Yes | Yes | Yes |
| Email: Office 365 (for internal and YNHH systems), Office 365 (for external, use encrypted email) | Yes | Yes | Yes |
| Email: EliApps, Google Mail | Yes | Yes | |
| Encryption: Bitlocker, FileVault | Yes | Yes | Yes |
| File Storage: Storage @ Yale, Secure Box, O365 One Drive, Microsoft Teams | Yes | Yes | Yes |
| File Storage: Box at Yale, EliApps, Google Team Drive, Globus | Yes | Yes | |
| File Transfer: Secure USB | Yes | Yes | Yes |
| Instant Messaging: O365 Skype for Business, Microsoft Teams | Yes | Yes | Yes |
| IT Service Management: Service-Now | Yes | Yes | |
| Survey Tool: Qualtrics | Yes | Yes | Yes |
| Survey Tool: Survey Monkey, Doodle, Sawtooth | Yes | ||
| Voice Messaging: Cisco Unified Messaging | Yes | ||
| Virtual Private Network (VPN): ITS VPN | Yes | Yes | Yes |
All systems used to access Yale data must meet the Minimum Security Standards for their risk classification. See the Risk Classification Guideline or Yale’s Minimum Security Standards for more details.