Getting access to software/ online applications
Have you seen an online application or web service that can help enhance your teaching, project or daily work? Perhaps you have a colleague at another institution that has recommended a great tool they have access to? Before you start using any software we need to ensure that it is safe, secure, and won’t put Griffith staff or students at risk.
By now, you should have asked yourself questions like:
- Why do I want to use this solution? (What problem is is solving? What work or teaching practice is it enhancing?)
- Who do I want using this solution? (Just me? My project or teaching team? My students?)
- How long do I want to use this solution? (For one teaching period? For a project? indefinitely?)
This is a great place to start, because it gives you an idea of the data that may be used in the solution - that is, personal information like email, name and IDs; confidential information like research data, reports or contracts; teaching materials or other information that falls under Griffith IP.
All these types of data need to be stored and accessed in a way that is protected and meets University, state and federal policy and laws. As an additional concern, externally hosted solutions sit outside of Griffith University’s area of control, and don’t have the same guarantee of accountability that is applied to internally developed, installed, and hosted applications. Sounds scary, doesn’t it? Don’t worry - we are here to help you.
Any solution must follow a defined review process through internal governance bodies. This process is designed to remove as many roadblocks as possible, and to ensure the solution doesn’t get “stopped at the gate” as people raise security, legal, or other concerns just before you start using it (or, even worse, when it’s already in use). Each checkpoint in the process has specific expertise or authority to provide oversight to ensure the solution meets legislative, policy, procurement, organisational, privacy, and security standards required for any service offered at Griffith University. Some examples of discovered issues that prevented systems from being used are:
- Requiring students to pay for software listed as 'required' for a course (policy)
- Storing personal data outside of Australia, where the data is not proven to be stored securely (legislation)
The process is here to help ensure that we make good decisions when selecting and engaging solutions; putting the protection of our staff and students at the forefront.
On this site we already have a list of known services. If you can find your application (or a similar application) on that list then you can contact Software Services to check the license/ review conditions to see if you can start using it immediately. If you cannot find the software you want to use, there's two options:
- If the software is purely desktop or laboratory equiment-based software then you can approach Software Services directly, and they can work through the license with you.
- If the software is in the cloud, then we must follow the Cloud Policy and utilise a series of reviews. Contact us to get the ball rolling through the review.