Faculty and staff looking for new software or hardware should use the University Tech Acquisition process, also known as "Get Tech." Get Tech ensures any new purchase (or free download) meets the numerous security, technical, support, and legal requirements of the University.
Not all companies meet 㽶’s security standards when it comes to protecting user data. To be cyber safe, if you are interested in any software, hardware, or technology services, even if they are free, please use the “Get Tech” process, which includes:
- [㽶 Google sign-in required]: Review software considered approved for purchase/use, and software we do not recommend - be sure to look at all six tabs.
- [㽶 sign-in required]: Didn’t find something that meets your needs? Fill out the University Tech Acquisition Request Form.
When you use Get Tech, a coordinator from ITS will leverage a team of professionals from across ITS, General Counsel, Risk Management, Controller’s Office, and Procurement Services to ensure your data is safe, and the software or services you want meet University standards:
- Security:It ensures data used by the technology is protected and meets the Security policies of the University.
- Legal:It ensures the University complies with all licensing and legal requirements of the technology.
- Technical Integration:It helps ITS verify whether the technology product or service can be properly implemented and supported on our campus.
- Better Terms:We help you negotiate the best rate or terms for any technology for your department.
- Advice:ITS can let you know if there are other products better suited to meet your needs.
Reviewed Technology List
Some software has already been reviewed by this process. Review which software is considered approved for purchase/use, and which software we do not recommend.
Before obtaining any tool on theReviewed Technologylist, please review the following caveats:
None of the technology is approved for use with confidential data.
Please use theGet Tech formto request a review of technology for use with confidential data, and include information on whatdata typesare expected to be used.
Follow the terms of the license agreement
Always verify that your intended use will be compliant with the specific license entitlements to which you must agree before using any new technology.For example,Educational licensessometimes restrict the use of a technology to classrooms for teaching purposes or for academic research only. Some licenses may limit where technology can be installed, for example, some technology may not be installed on shared computers or in public areas. Other licenses may not be eligible for use in administrative areas. “Free download trial” licenses are often limited in functionality, quantity of users, or duration of use. Please review the license entitlements very carefully before selecting a product, even if it is on the Approved Technology list.
Backup
If you are acquiring a license to store data in an application that is hosted in the cloud, it is recommended that you backup your data.
Additional Approvals
The University Tech Acquisition process, including obtaining technology on the Approved Technology list, may require additional approvals related to:
- Human subjects considerations:Office for Research Protections(ORP)
- Payment Card Industry/credit card use:University Controller’s Office, Cash Services
- Granted funded technology purchases:Office of Sponsored Programs
- Accessibility:Technology Accessibility
**If these apply to your possible use-case, please consult with the appropriate department.*
Request New Technology
If the software you would like has not yet been reviewed by the Technology Acquisition process, please fill out the Tech Acquisition Request Form.
Why are cloud services risky?
Previously, most of the University's tech acquisitions involved buying software or hardware to run in the ITS data center. By having the technology in our data center, we were able to control many things such as having a generator, running nightly backups, setting physical access controls, and many more features. With cloud services, the software and hardware are not physically in our data center, therefore all of these things must be negotiated with the vendor to ensure University data continues to be protected.Higher Education Cloud Vendor Assessment Tool (HECVAT):In order to facilitate a security review of a cloud service, the service vendor will be requested to complete a Higher Education Cloud Vendor Assessment Tool (HECVAT). This questionnaire framework was specifically designed for higher education to measure vendor risk.