Faculty and staff looking for new software or hardware should use the University Tech Acquisition process, also known as "Get Tech."听 Get Tech ensures any new purchase (or free download) meets the numerous security, technical, support, and legal requirements of the University.
Not all companies meet BC鈥檚 security standards when it comes to protecting user data. To be cyber safe, if you are interested in any software, hardware, or technology services, even if they are free, please use the 鈥淕et Tech鈥 process, which includes:
- [BC Google sign-in required]: Review software considered approved for purchase/use, and software we do not recommend - be sure to look at all six tabs.
- 听[BC sign-in required]: Didn鈥檛 find something that meets your needs? Fill out the University Tech Acquisition Request Form.
When you use Get Tech, a coordinator from ITS will leverage a team of professionals from across ITS, General Counsel, Risk Management, Controller鈥檚 Office, and Procurement Services to ensure your data is safe, and the software or services you want meet University standards:
- Security:听It ensures data used by the technology is protected and meets the Security policies of the University.听
- Legal:听It ensures the University complies with all licensing and legal requirements of the technology.
- Technical Integration:听It helps ITS verify whether the technology product or service can be properly implemented and supported on our campus.
- Better Terms:听We help you negotiate the best rate or terms for any technology for your department.
- Advice:听ITS can let you know if there are other products better suited to meet your needs.
Reviewed Technology List
Some software has already been reviewed by this process. Review which software is considered approved for purchase/use, and which software we do not recommend.
Before obtaining any tool on the听Reviewed Technology听list, please review the following caveats:
None of the technology is approved for use with confidential data.
Please use the听Get Tech form听to request a review of technology for use with confidential data, and include information on what听data types听are expected to be used.
Follow the terms of the license agreement
Always verify that your intended use will be compliant with the specific license entitlements to which you must agree before using any new technology.听For example,听Educational licenses听sometimes restrict the use of a technology to classrooms for teaching purposes or for academic research only. Some licenses may limit where technology can be installed, for example, some technology may not be installed on shared computers or in public areas. Other licenses may not be eligible for use in administrative areas. 鈥淔ree download trial鈥 licenses are often limited in functionality, quantity of users, or duration of use. Please review the license entitlements very carefully before selecting a product, even if it is on the Approved Technology list.
Backup
If you are acquiring a license to store data in an application that is hosted in the cloud, it is recommended that you backup your data.
Additional Approvals
The University Tech Acquisition process, including obtaining technology on the Approved Technology list, may require additional approvals related to:
- Human subjects considerations:听Office for Research Protections听(ORP)
- Payment Card Industry/credit card use:听University Controller鈥檚 Office, Cash Services
- Granted funded technology purchases:听Office of Sponsored Programs
- Accessibility:听Technology Accessibility
**If these apply to your possible use-case, please consult with the appropriate department.*
Request New Technology
If the software you would like has not yet been reviewed by the Technology Acquisition process, please fill out the Tech Acquisition Request Form.
Why are cloud services risky?
Previously, most of the University's tech acquisitions involved buying software or hardware to run in the ITS data center. By having the technology in our data center, we were able to control many things such as having a generator, running nightly backups, setting physical access controls, and many more features. With cloud services, the software and hardware are not physically in our data center, therefore all of these things must be negotiated with the vendor to ensure University data continues to be protected.Higher Education Cloud Vendor Assessment Tool (HECVAT):听In order to facilitate a security review of a cloud service, the service vendor will be requested to complete a Higher Education Cloud Vendor Assessment Tool (HECVAT). This questionnaire framework was specifically designed for higher education to measure vendor risk.