DCU Digital Identity Retention Policy Resource Page

Welcome to the DCU Digital Identity Retention Policy Resource Page

As Dublin City University continues to enhance data protection and cybersecurity, the introduction of the DCU Digital Identity Retention Policy, effective May 1, 2024, marks a significant step forward. This policy is designed to ensure the security and integrity of our digital environment, affecting how digital identities and associated data are managed for staff transitioning out of DCU.

To view and download the policy please visit: Digital Identity Retention Policy

The video provider requires that you accept marketing and statistics cookies in order to view this video.

To support you through this transition, we've compiled essential resources, including FAQs, detailed guidelines, and instructional videos.

These resources will guide you on how to effectively manage your digital data, including creating Shared Drives and handling data on Google Drive.

Vital skills in aligning with the new policy requirements.

Begin by exploring our instructional videos below:

Creating Shared Drives: Learn how to set up Shared Drives for team collaboration, ensuring continuous access to essential documents.
Managing Shared Data in Google Drive: Discover best practices for managing and securing your data on Google Drive.

Followed by comprehensive FAQs and guidelines, these resources are here to ensure you're fully prepared and compliant with the new policy. Your cooperation is crucial in maintaining the security and continuity of our digital workspace at DCU.

What are shared drives?

Shared drives, are an integral feature within Google Drive, offer a dynamic and collaborative environment for teams to manage, locate, and access their files collectively. Unlike the conventional "My Drive," which serves as a personal storage space for individual users, shared drives are communal areas where the ownership of files and folders lies with the organisation, in this case, DCU, rather than any single member.

The video provider requires that you accept marketing and statistics cookies in order to view this video.

Think of a Shared Drive as a set of shared files and folders that everyone on a team owns.

Key features of shared drives

Files and folders persist after someone leaves

Your organization owns the files in a shared drive, not an individual. When someone leaves and an admin deletes their account, files they added or created in shared drives remain.
Flexible sharing

Access to files and folders in shared drives is granted in two ways: 1) adding a user or group as a member of the shared drive, and 2) members sharing files and folders with non-members.
1. Easy, consistent sharing for members. All members of a shared drive see the same content so you don’t have to spend time addressing sharing requests. You can add a group as a member of a shared drive. Then when a user is added to the group, Google Groups automatically adds them to all the shared drives that include that group. Members are assigned access levels, which control what they can do with files and the shared drive.
2. Tailored sharing for non-members. If allowed, members of a shared drive can share individual files and folders with non-members. This option lets you share only what a non-member needs access to, without sharing everything in the shared drive.
External people can work in your shared drives (if allowed by your organization)

If your organization allows, you can add external people to a shared drive as long as they have an email address associated with a Google account. Any content an external person contributes (for example, edits to, creating, or uploading a file) in a shared drive created by someone in your organization is transferred to and owned by your organization.

For people whose Google Workspace edition doesn't include shared drives, you can only add them with Viewer access. However, you might be able to give them comment or edit access to specific files in the shared drive, depending on folder permissions. See How sharing a folder in a shared drive works.
Sync shared drives to your desktop

You can access your shared drives on your computer using Google Drive for desktop.

Compare shared drives with My Drive

	My Drive	Shared Drive
Who can add files?	The owner of the Drive.	Any member with Contributor access or higher.
Who owns files and folders?	The individual who created the file or folder.	The team.
Can I move files and folders?	Yes, you can move files and folders around in My Drive.	If you have Contributor access or higher, you can move files from My Drive to a shared drive. If you have Content manager access or higher, you can move files and folders within a shared drive. If you have Manager access, you can move files out of a shared drive or between shared drives. You can also move folders from My Drive to a shared drive.
Can I sync files to my computer?	Yes, using Google Drive for desktop. For details, see What can you do with Drive for desktop.	Yes, using Google Drive for desktop.
How does sharing work?	People might see different files in a folder, depending on their access to individual files.	All members of the shared drive see all files.
How long do files I delete stay in Trash?	Files and folders in Trash are deleted forever after 30 days. You can also delete files in Trash by selecting Delete Forever.	Each shared drive has its own Trash. Members with Content manager access and above can move files to Trash. Files and folders in Trash are deleted forever after 30 days. Members with Manager access can permanently delete files before 30 days.
Can I restore files?	Yes, if you’re an owner of the file.	Yes, if you have at least Contributor access.

Managing Shared Data In Google Drive

By leveraging shared drives, teams within DCU can foster a more cohesive and efficient work environment. It provides a stable and secure platform for storing shared resources, facilitating seamless collaboration, and ensuring that essential information remains readily accessible to every team member, irrespective of changes within the team structure.

The video provider requires that you accept marketing and statistics cookies in order to view this video.

Unlike files in My Drive, files in a shared drive belong to the team instead of an individual. Even if members leave, the files stay exactly where they are so your team can continue to share information and get work done.

Common uses for shared drives:

Projects—For people involved in the same project.
Events—For people working for a defined period on a specific event or deliverable.
Templates—For files that people can copy and reuse.
Company-wide files—For files everyone needs access to, such as training files.
Sensitive files—For highly sensitive files, where you can add extra security to limit access.

Google Accounts FAQs
Guidelines and Best practise for use of DCU Google Accounts

DCU recently introduced a new Digital Identity Retention policy. One of the key points in this policy means the data in the dcu.ie personal accounts of anyone who leaves DCU will be deleted. This means any data shared by a personal account will also disappear.

Therefore data and accounts should be managed so as to ensure secure and convenient access to DCU data as staff change roles

There are several things we can do manage this. This includes using the follow features:

Guidelines of usage of accounts - ISS provide Guidelines on the usage of Google accounts. Following these guidelines will minimise any disruption by the movement of staff.
Shared Drives - shared drives are drives in Google Drive that are not specifically owned by a person. This means even if an individual account is deleted the data will remain.
Generic Accounts - Generic accounts are Google Accounts that are associated with a role, department, project or team rather than an individual. Again that means if a person leaves all the data can easily be retained and transferred to someone else.

These FAQs will provide helpful information and resources on following the Guidelines.

Where can I find Guidelines on using Google Accounts

You can find the guidelines here:

Guidelines and Best practise for use of DCU Google Accounts

How can I request a generic account

To request a generic account please fill in the following form:

https://www.dcu.ie/iss/generic-account-application

How do I see what files have been shared with me?

A guide to viewing files shared with you can be found here:

Find files shared with you in Drive - Computer - Google Drive Help

How do I set up and use Shared Drives?

Shared drives are very useful as the files contained are no longer connected to a single individual. This means that unlike sharing a folder, if the owner leaves the files will not be deleted.

Department level Shared Drives should be set up with the departmental Generic account.

For more information on setting up and using Shared Drives follow the link below:

Store & share files or folders with shared drives - Computer - Google Docs Editors Help

How do I transfer ownership of a file to somebody else?

To transfer ownership of a file follow the instructions below:

Make someone else the owner of your file - Computer - Google Drive Help

I need to keep a file that is shared with me by somebody who is leaving/has left?

The easiest solution to the problem is simply to make a copy of the file. You will then be the owner of the copied file.

Other ways are, if you or someone you can contact has the correct permissions, to move the file to a Shared Drive. This will prevent deletion as ownership will move to the Drive rather than the individual.

If the owner hasn't still left you can request them directly to transfer ownership to you.

Where can I find more information on using YouTube brand channels

Google provides information on using YouTube brand channels at the following links:

Manage your Brand Account - Computer - Google Account Help

Move your YouTube channel from one Brand Account to another - YouTube Help (google.com)

Please bear in mind that converting your channel to a brand channel will lose some data such as comments on videos.

Regularly returning DCU employees

There is no exceptions in the Digital Identity Retention policy for regularly returning employees.

If your work with DCU involves regular breaks in contract you will still lose access to your DCU account as your existing contract ends and your data will still be deleted (except in case the break in contract is for a very short period and the data deletion has not been processed).

If you want to keep the data so you will still have it upon your return then you should use Shared Drives as outlined elsewhere on this page.

Important notice

As the new Digital Identity Retention policy has come into effect this will have implications for DCU data.

We ask all members of staff to look at both data shared with you and data you have shared with others and take steps to ensure any data required by the organisation will persist beyond the departure of any particular individual.

After May 3rd 2024 legacy data will be deleted so any data shared by leavers will be gone unless steps are taken to ensure it e.g. make a copy, move to a Shared Drive or organise a transfer of ownership.

Principles

There are two key principles in using DCU Google accounts:

No personal information should be stored, managed or processed on DCU accounts
Data and accounts should be managed so as to ensure secure and convenient access to DCU data as staff change roles

Guidelines

Use your Google DCU account only for work-related purposes and not for personal or unauthorised activities.
Keep your Google DCU account password secure and do not share it with anyone else.
Follow the security policies and best practices of your organisation and Google when using your Google DCU account.
Respect the privacy and confidentiality of your organisation and its clients, partners, and stakeholders when using your Google DCU account.
Do not use your Google DCU account to send or receive any content that is illegal, offensive, abusive, harassing, discriminatory, or otherwise inappropriate.
Do not use your Google DCU account to access or store any content that violates the intellectual property rights of others.
Do not use your Google DCU account to engage in any activity that could harm the reputation or interests of DCU
Report any suspicious or unauthorised activity on your Google DCU account to ISS as soon as possible.

Using Generic accounts and Shared Drives

Generic accounts and Staff Drives are the main methods that can be used to ensure organisational data persistence as staff move on. Both are explained below and examples of when to use them will be provided in the individual service guides.

Generic accounts

Generic accounts are special accounts that are not tied to a single person, but rather to a role or department. They have a unique username and password that is managed by an individual who can then assign delegated access to the Gmail account to others. Generic accounts are allowed for Department or unit heads.

To request a generic account, you need to fill out this form and provide the following information:

The purpose and scope of the account
The name and contact details of the account owner
The list of authorised users who will have access to the account
The duration of the account (if applicable)

If the request is approved, you will receive an email with the account details and instructions on how to use it. You are responsible for ensuring that the account is used in compliance with Google policies and guidelines. You should also review the account activity and permissions regularly and report any issues or concerns to the ISS.

Shared Drives

Shared drives are special folders in Google Drive. They are not the same as Shared Folders. When a file is placed or created in a Shared Drive the ownership of the files transfers to the Shared Drive itself, not an individual. It is convenient to set up a Shared Drive with multiple managers and to transfer ownership when necessary. This makes it easy to handle staff departures. For more casual groups anyone can set up a Shared Drive and share with the appropriate people but more formal Drives should be set up with a generic account. Correct use of Shared Drives will ensure no action needs to be taken when a staff member departs.

Using Gmail

Do not store personal data in your DCU Gmail account or set up personal online services or utilities using the account.

For business purposes consider whether the communication would be best sent from a generic department service account (a generic service account is a Google account that is set up for a department, group or role rather than for a specific individual e.g. schoolofwidgets@dcu.ie). This should be considered if the communications should be kept for record keeping purposes or to pass on to a successor in the role.

Using Drive

Do not store personal documents and photos in your DCU Drive account.

When sharing a document you consider whether the document may be required by others after you leave. Documents shared by you will disappear permanently after you leave. Using Google Shared drives can avoid this. The file is owned by the Shared Drive so will not be removed when a member of staff leaves. In some cases a Shared Drive may not be appropriate. In this case proper documentation should be kept so that a transfer of ownership can take place prior to leaving.

Using YouTube

Ownership of YouTube videos can only be transferred in very specific circumstances, most of which do not apply to DCU. Therefore, when uploading videos for on-going use using a departmental generic service account should be strongly considered.

In the case of existing videos uploaded to individual accounts, the only two ways currently to keep them is to download them then upload them to another account or to make your account a Branded account and then transfer ownership (see below). As well as the work involved in either of these steps references to the videos in Loop etc will also need to be updated so going forward please consider the use of generic service accounts.

It is good practice to always keep a local copy of the video uploaded to YouTube so that it will always be available if it is required elsewhere.

YouTube offers a feature called Brand Accounts which does allow for collaboration and change of ownership so it may be useful in some use cases. However, setting up the brand account and using these features such as the ownership transfer can be complex to use so in many cases it would be best to use something like the department generic account. More information on using Brand channels can be found the FAQs.