The Finnish Tampere University and University of Applied Sciences have merged in 2019 to form a strong research partnership. Both universities have since long been invested in strenghtening protection of their data and were looking for a solution, which would add an additional end-to-end security layer to their cloud-based data storage. The reason is, above all, the high security awareness that the universities have, but also the current situation of data security regulation in Finland.
As part of the European Union, Finland is subject to the GDPR. The country has passed the Data Protection Act in 2019, which served as a supplement to the GDPR making sure the transition from previous sector-specific legislation around data privacy goes smoothly. Currently, Finnish lawmakers (as well as the rest of the EU) are struggling with the gaping hole left by the Safe Harbour Agreement and Privacy Shield, which were invalidated in 2020 by the European Court of Justice. These frameworks had previously addressed data transfer between the EU and the US and have not been replaced by any new regulation as of yet. Finnish data protection ombudswoman Anu Talus has stated that cloud services and the transfer of data to third countries are on her list of priorities for 2022.
Staff and students of Tampere’s Universities work and exchange data using Microsoft 365, meaning the data was being stored on Microsoft’s servers without protection. As these are predominantly based in the US, this posed a problem. Their prerequisites for a security solution were that it must be easy to use and not intervene with usual work – all Boxcryptor’s strong suits.
We would recommend anyone to consider Boxcryptor if there is a need for additional layer of security, especially while using multinational cloud storage providers.
Both staff and students have received Boxcryptor licenses and are encouraged to use encryption when working with any kind of sensitive data. As the regulations on data handling are getting more restrictive and complex, it’s important that the universities have the option to limit access to certain data, allowing them to accomodate different situations.
Tampere’s Universities started a trial with Boxcryptor in 2019 and have rolled out the solution gradually since then. The Boxcryptor team was very helpful in this process, providing all information and instruction needed for a smooth onboarding phase. After encountering some roadblocks with the Enterprise integration initially, the IT team at Tampere and the specialists at Boxcryptor have successfully cooperated to find a suitable solution.
Thanks to Boxcryptor, staff and students now posess the necessary tools to encrypt their sensitive data, making sure that data stored on US servers stays confidential. Using Boxcryptor allows them to keep working with their preferred collaboration tool even in the uncertain legal situation at the EU level.