Faculty and staff looking for new software or hardware should use the University Tech Acquisition process, also known as "Get Tech."听 Get Tech ensures any new purchase (or free download) is evaluated for security, technical, support, and licensing needs of the University.
Not all companies meet 情色空间鈥檚 security standards when it comes to protecting user data. To be cyber safe, if you are interested in any software, hardware, or technology services, even if they are free, please use the 鈥淕et Tech鈥 process, which includes:
- [情色空间 Google sign-in required]: Review software considered approved for purchase/use, and software we do not recommend - be sure to look at all seven tabs.
- [情色空间 sign-in required]: Didn鈥檛 find something that meets your needs? Fill out the University Tech Acquisition Request Form.
When you use Get Tech, a coordinator from ITS will leverage a team of professionals from across ITS to ensure your data is safe, and the software or services you want meet University standards. ITS staff can help review the following topics with you:
- Security: To ensures data used by the technology is protected and meets the Security policies of the University.
- Technical Integration: To verify whether the technology product or service can be properly implemented and supported on our campus.
- Advice:听To let you know if there are other products better suited to meet your needs.
Additional Approvals
In the course of the review, we may also refer you to some of the following departments at Boston College:
- Legal - To ensure the University complies with all licensing and legal requirements of the technology.
- Office for Research Protections听(ORP) and the Boston College Institutional Review Board (IRB)听 - To review Human Subjects considerations.
- Office of Sponsored Programs - To assist with grant funded technology purchases.
- Procurement Services - To help you negotiate the best rate or terms for any technology for your department.
- Risk Management
- Technology Accessibility - To assist with accessibility concerns.
- University Controller鈥檚 Office, Cash Services - To review Payment Card Industry/credit card use.
Reviewed Technology List
Some software has already been reviewed by this process. Review which software is considered approved for purchase/use, and which software we do not recommend.
Before obtaining any tool on the听Reviewed Technology听list, please review the following caveats:
None of the technology is approved for use with confidential data.
Please use the听Get Tech form听to request a review of technology for use with confidential data, and include information on what听data types听are expected to be used.
Follow the terms of the license agreement
Always verify that your intended use will be compliant with the specific license entitlements to which you must agree before using any new technology.听For example,听Educational licenses听sometimes restrict the use of a technology to classrooms for teaching purposes or for academic research only. Some licenses may limit where technology can be installed, for example, some technology may not be installed on shared computers or in public areas. Other licenses may not be eligible for use in administrative areas. 鈥淔ree download trial鈥 licenses are often limited in functionality, quantity of users, or duration of use. Please review the license entitlements very carefully before selecting a product, even if it is on the Approved Technology list.
Backup
If you are acquiring a license to store data in an application that is hosted in the cloud, it is recommended that you backup your data.
Request New Technology
If the software you would like has not yet been reviewed by the Technology Acquisition process, please fill out the Tech Acquisition Request Form.
Why are cloud services risky?
Previously, most of the University's tech acquisitions involved buying software or hardware to run in the ITS data center. By having the technology in our data center, we were able to control many things such as having a generator, running nightly backups, setting physical access controls, and many more features. With cloud services, the software and hardware are not physically in our data center, therefore some of these things must be negotiated with the vendor to ensure University data continues to be protected. Based on the initial evaulation of the service, we may determine that a Higher Education Cloud Vendor Assessment Tool (HECVAT) is required.
A HECVAT is a questionnaire framework specifically designed for higher education to measure vendor risk.听