III-1i Sanctioned Use of Google Apps for Education

Date Approved: March 20, 2014
Effective Date: March 20, 2014
Responsible Official: Chief Information Security Officer
Responsible Office: [U]Tech Information Security Office
Revision History: Version 1.0; dated February 4, 2014
Related legislation and University policies: 

Review Period:  5 Years 
Date of Last Review:  February 4, 2014
Related to:  Faculty, Staff, Students, Alumni, affiliate account holders


This policy establishes boundaries for sanctioned use of CWRU Google Apps for Education (Google Apps), including but not limited to email, calendar, contacts, online meetings (Hangouts), online file storage (Drive and Google Docs), self-service web sites (Sites), photos (Picasa), social media (Google+), etc.

Coordination with Other Policies and Procedures

The Sanctioned Use Policy for CWRU Google Apps is closely aligned with these policies:


Not applicable.

Policy Statement


Case Western Reserve University has been engaged in the use of Google Apps for Education (Google Apps) since 2007. In the use of the various applications in the Google Apps suite, the following policy is defined to assist users in prudent decisions about how to use Google Apps, and similar cloud-based services available to the CWRU community. The application suite encompasses Google Apps utilities available to authorized CWRU users, through appropriate Single Sign On authentication.


  1. The CWRU-branded Google Apps suite of applications have been approved for use with Public and Internal Use categories of information, as described in CWRU UTech Policy III-1 Information Tiers and Sensitivity.
  2. The storage and transfer of Restricted information in Google Apps is strictly prohibited, unless the files are individually protected using encrypted means sufficient to prevent disclosure (strongly encrypted, complex-password-protected attachments, with no passwords included).


End Users will manage information under their stewardship in accordance with university policy.

University Technology will manage risk of shared information in Google Apps through various audit and assessment activities.

Standards Review Cycle

This standard will be reviewed every three years on the anniversary of the policy effective date, at a minimum. The standard may be reviewed on a more frequent basis depending on changes of risk exposure.

Frequently Asked Questions (FAQ) for Sanctioned Use of Google Apps