Yale Law School Adds Third-Party Encryption to Office 365 Adoption

  • By Dian Schaffhauser
  • 10/05/16

Although the most common concern expressed by college and university IT professionals about adopting cloud-based applications is related to privacy and security, higher ed cloud implementation is on the rise. In order to "fill gaps in security and compliance," according to a 2015 report by Gartner, some of the most common cloud deployments will rely on third-party tools. In fact, the report noted, by 2018, four in 10 Office 365 deployments will follow that route. By 2020, the IT consulting firm predicted, even though Microsoft will have addressed security and privacy holes, half of customers "will continue using third-party tools to maintain consistent security policies across multiple SaaS products, not just Office 365."

That's exactly what Yale Law School has done in its new university-wide move to Office 365, which was undertaken earlier this year. To maintain control of client communications, the Connecticut institution has adopted Vaultive, a cloud data security platform from a company by the same name.

The Vaultive technology prevents people outside of the university — including Microsoft — from decrypting and accessing cloud-hosted email data. That's an important consideration for organizations as more service providers, including Microsoft, are mandated by law enforcement agencies to release records maintained on their cloud infrastructure.

"In one 18-month period ending in April, the United States government directed more than 2,500 secret legal demands to Microsoft alone," said Doug Lane, vice president of product marketing at Vaultive, in a press release. "As the legal issue of government access to cloud-hosted data plays out in the courts, many organizations have delayed plans to shift to cloud services."

The law school was particularly concerned about maintaining control over information related to legal projects undertaken by its law students.

Vaultive handles encryption of email data — messages, file attachments, calendar items and other information — before it's processed by Microsoft's Office 365 data centers. The encryption keys are kept on premise and maintained solely by the university's IT organization.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • glowing digital brain interacts with an open book, with stacks of books beside it

    Federal Court Rules AI Training with Copyrighted Books Fair Use

    A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.

  • server racks, a human head with a microchip, data pipes, cloud storage, and analytical symbols

    OpenAI, Oracle Expand AI Infrastructure Partnership

    OpenAI and Oracle have announced they will develop an additional 4.5 gigawatts of data center capacity, expanding their artificial intelligence infrastructure partnership as part of the Stargate Project, a joint venture among OpenAI, Oracle, and Japan's SoftBank Group that aims to deploy 10 gigawatts of computing capacity over four years.

  • laptop displaying a phishing email icon inside a browser window on the screen

    Phishing Campaign Targets ED Grant Portal

    Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal.