Usage of external cloud services
Assessments for the usage of external cloud services at ETH Zurich
Assessment for service intermediaries (download for Adobe Acrobat):
protected page Release Form ?External Cloud Service?
To handover to service intermediaries outside ETH
protected page Questionnaire for Cloud Assessment
Assessment for information owners (download for Adobe Acrobat):
protected page Outplacing Information to an external Cloud Service
Please submit the compiled forms to the CISO of ETH Zurich.
List of released external cloud services
You can find the list of external cloud services released for use at ETH Zurich here: protected page List of external cloud services
The IT-Guidelines and IT- Baseline Protections Rules of ETH Zurich regulate the use of information in external IT services (e.g., external cloud services).
Following the above procedure creates the possibility for storing and processing data classified as "internal" and "confidential" in specific external cloud services that have been evaluated and approved for this purpose, with corresponding security and data protection standards.
Data classified as "strictly confidential" must not be stored in the cloud (compare Art. 22 resp. Art. 22bis of the Directive on Information Security at ETH Zurich).