What is Microsoft Teams?
Microsoft (MS) Teams is a collaboration tool for groups to create content and share the information they need to work together. The tool is operated by Microsoft as part of their MS 365 suite. MS Teams enables users within the University to connect via instant messaging, video conferencing and online meetings while simultaneously working together on a document in real-time.
Is Microsoft Teams Suitable for Research at UBC?
Microsoft Teams was configured to facilitate and support collaborative work for UBC staff, faculty and students. Researchers can use Teams to collaborate on research related documentation and store research data, as well as perform administrative tasks such as scheduling, developing protocols and planning.
What is Microsoft OneDrive?
Microsoft (MS) OneDrive is a file hosting and synchronization service operated by Microsoft, as part of their suite of MS 365 applications. MS OneDrive allows users to securely store, share and synchronize files and folders from anywhere at any time.
Is Microsoft OneDrive Suitable for Research at UBC?
Microsoft OneDrive was deployed as a storage solution for UBC electronic information, including research data, and is intended to serve as a replacement for UBC WorkSpace 2.0.
Where does SharePoint fit in?
SharePoint is a cloud-based information management system that allows organizations to store, share and manage content across multiple platforms. SharePoint is the back-end infrastructure that manages both OneDrive and Teams.
Considerations when using UBC OneDrive and Teams for research
Use of the UBC Microsoft Teams and OneDrive is subject to UBC Security Policy SC14 and associated standards. Users and data stewards are responsible for taking appropriate precautions to protect electronic information stored in Teams and/or OneDrive. Research ethics applications must also include the details of data storage, both while data is being collected and after publication.
For more information about these requirements, visit: https://cio.ubc.ca/information-security/policy-standards-resources
Tool-specific Security Considerations:
|Access Management||By default, all users with access to a Teams channel or group can view, modify and/or delete content. For this reason, researchers should use caution when adding users to Teams, and avoid posting/storing information that is not needed by all users.||Data stewards have the ability to define user access and permissions in OneDrive. Appropriate measures should still be taken to ensure access is granted and removed, based on the Principle of Least Privilege.|
|Desktop Application||All Files stored using Teams reside in the Microsoft Cloud. By default, Teams is not configured to access files when not connected to a network.||The desktop OneDrive application will locally store a copy of any files/folders a user has access to. Appropriate precautions should be taken to ensure sensitive information is protected from unauthorized access.|
Electronic Information Storage
While Microsoft Teams and/or OneDrive are generally suited to store electronic research information of all classifications, it is important for data stewards to ensure the information is properly safeguarded based on its classification.
ISS_U1: A Risk Classification for your Data
UBC’s Information Security Standard U1 (ISS U1) is a risk-based matrix designed to inform UBC electronic information owners and custodians about the safeguarding requirements necessary to be compliant with the University policies. Please review the full standard.
! Regardless of the amount of information you store or share with OneDrive, the most sensitive element identified should be the one that defines your electronic information classification.
The following table outlines considerations for certain types of research data.
Electronic information management, access and security considerations
|Electronic Information Type||Information Classification per UBC ISS U1||Considerations|
|Administrative information||Low||Non-confidential administrative research information can be safely stored in Teams or OneDrive.|
|Medium||Access to administrative information of a confidential nature should be limited to authorized users only.|
|Non-proprietary and/or non-regulated research information||Low||Non-proprietary, non-regulated, and/or research information of a non-confidential nature can be safely stored in Teams and/or OneDrive|
|Proprietary and/or regulated information||Medium||Before storing this type of information in Teams or OneDrive you should ensure that the tool(s) meets the requirements of the associated regulations, notably: Data residency, access control, and safeguarding.|
|Information subject to data sharing agreement||Medium; High; Very-High||Before storing this type of information in Teams or OneDrive you should ensure that the tool(s) meets the requirements of the associated regulations, notably: Data residency, access control, and safeguarding.|
|Personal Information, and personally Identifiable Information||High; Very-High||It is recommended that files including personal information and personally identifiable information be password protected or encrypted at file level.|
|Before finalizing your research participant consent forms, determine where your research data will be stored.|
Electronic Information Storage FAQ
Yes, while the risk classification above is modeled on a risk of breach, other risks such as loss of data could result in a researcher applying a high-risk category to their data. Based on your data classification, you must apply the security requirements of UBC Information Security Standard U7 (ISS-U7); but it is also recommended to apply higher security controls to any valuable data file, regardless of their classification.
If your data classification has changed, you should adjust safeguarding measures to meet the requirements of the new data classification. Note that, per Information Security Standard U1 (ISS-U1), classification can go up (e.g.: from Medium to High risk), but not down (e.g.: from Medium to Low risk).
File level encryption is recommended for files containing personal information, personal identifiable information, as well as any confidential files who requires restricted access.
Note: You may be required to encrypt your data if it is subject to a specific regulation, agreement, or 3rd party requirement.
UBC OneDrive and Teams storage are available as part of an agreement between UBC and Microsoft, and will be available for the duration of this agreement (or its extension, where applicable). However, note that access to OneDrive and Teams are contingent on your affiliation with UBC; if you leave the institution, you will lose access to your files. Depending on the nature of your research data, UBC has dedicated repositories for the long-term storage of research data.
For guidance on long-term storage options (archiving or data preservation) and to meet the requirements for retaining research data for a minimum of 5 years after publication, contact:
UBC Vancouver: firstname.lastname@example.org
UBC Okanagan: email@example.com
Deleted data files will be kept in the recycle bin for a maximum of 90 days, after which they will be permanently deleted from the cloud, and will not be recoverable.
Additionally, OneDrive and Teams allow the recovery of a certain number of versions for a specific file. Visit the Microsoft Support knowledge base to learn more about this feature.
Microsoft Teams and OneDrive do not undergo regular backups. If you store valuable or regulated research data, it is recommended that you keep a recurring backup copy of the information outside OneDrive/Teams.
Note: There is no reason for concern about accidental data loss due to the redundancy built into the architecture.
If UBC’s Microsoft Teams or OneDrive are not suitable for your research project, some alternative storage solutions are offered by UBC and other service providers. For more information about these alternatives, contact firstname.lastname@example.org to schedule a consultation with one of our subject matter experts.
Electronic Information Sharing
Microsoft Teams and OneDrive allow information to be accessed and shared with external collaborators (non-UBC users), but with limited tool functionality, notably:
|Access Control||Only Team owners have the ability to invite external collaborators to a team/channel, and may limit guest-user permissions.||Only the OneDrive folder/file owners have the ability to allow external collaborators access, using the OneDrive web-application.|
|Desktop/mobile Application||External collaborators will be able to install and use the Microsoft Teams application with limited capabilities.||External collaborators will not be able to access shared folders/files using the OneDrive desktop/mobile application. Instead, they will have to use the web platform and identity validation will be required every time they access the shared OneDrive location.|
|Collaboration||External collaborators will be able to collaborate on files to which they were provided access, in real time via the Teams desktop, or web application.||External collaborators will be able to collaborate on files to which they were provided access, in real time, only via the OneDrive web application. If the external collaborator requires frequent access to files, it is recommended to share it via Teams instead of OneDrive.|
Electronic Information Sharing FAQ
Yes. When a file or folder is shared, users can use the OneDrive or Teams web-application available through most browsers.
We recommend using the OneDrive web-application to share electronic information, as the interface has comprehensive settings and is design to prevent incidental sharing.
We recommend using the “Files” tab of the Teams desktop or mobile Application has comprehensive settings and is design to prevent incidental sharing
Yes. As the file (or folder) owner, you may decide whether users will have read/write, or read-only access when sharing.
Yes. UBC has approved UBC OneDrive and Teams to store and share electronic information of all classifications. However, it is recommended to password protect (or encrypt at file level) files containing information of sensitive nature that will be shared outside the organization.
Electronic Information Processing
Microsoft Teams and OneDrive have limited functionality for data processing as their sync functionality may interfere with running processes. Here is some guidance on using these tools for data processing tasks:
|Collaboration using Microsoft Office Applications||Teams is specifically designed to allow real-time collaboration on files using Microsoft Office Applications. All Teams users can use the built-in engine to quickly update files such as Word documents, Excel spreadsheets, PowerPoint presentations and more.||Files can be opened using Microsoft Office web-applications and updated in real time (no latency; works well for collaborative editing).
Files can be opened using Microsoft Office desktop applications and updated as OneDrive syncs (low latency; possibility of editing conflicts being introduced).
|Processing and BI Engines||Teams is a purely cloud-based application and does not allow the use of data processing and BI engines with UBC’s current implementation.||Because of its sync functionality, Microsoft OneDrive may interfere with data processing and BI engines.
If you are using such applications, one of the following options is recommended:
|API Connections and Custom Apps||Teams is a purely cloud-based application and does not allow the use of data processing and BI engines with UBC’s current implementation.|
|Use the tool as a Database||Teams and OneDrive are not intended to be used as, or to host databases with UBC’s current implementation.|
Privacy Impact Assessment
OneDrive and Teams had a Privacy Impact Assessment (PIA) completed for use by UBC staff, faculty, and students, and within the UBC environment. If you intend to use UBC Microsoft OneDrive and/or Teams outside the UBC environment (e.g. in a Health-Authority), please consult the data owner first to ensure all privacy and security requirements are met by these tools.
Note: The use of Microsoft OneDrive and Teams for research administrative tasks and data storage is not specifically mentioned in the current PIA, but is implied within the analysis conducted by UBC. For more information about the UBC PIA process, visit: https://privacymatters.ubc.ca/pia-process-overview
To learn more about Microsoft Teams: https://it.ubc.ca/services/email-voice-internet/microsoft-teams/microsoft-teams-faqs
To learn more about Microsoft OneDrive: https://it.ubc.ca/services/web-servers-storage/microsoft-onedrive/microsoft-onedrive-faqs
For technical questions regarding OneDrive or Teams, please contact the UBC IT Service desk.
Security and Privacy inquiries
If you have questions about Security and Privacy for OneDrive and Teams in a research environment, please contact email@example.com.