External IT services - alternatives for research and teaching institutions

External IT services are usually popular and widely known. However, their use offers potential security gaps and sources of danger in the storage and encryption of data, conditions of use, legal bases and scopes of application, etc. In general, preference should always be given to the central IT services offered by the SCC; in the area of administration, their use is sometimes even mandatory.
In the overview below you will find alternatives to external IT services for research and teaching institutions for the topics of file exchange and storage, appointment coordination, video communication, city maps, microblogging and search engines.

Function:File exchange and storage
Popular crowd-sourced services:Dropbox, SkyDrive, Google Drive, iCloud and other cloud storage
Problematic issues:Storage possible outside the EU (data protection and compliance with national laws not guaranteed or verifiable), details of storage not disclosed, encryption functions only possible at extra cost or on own initiative, contractual agreement one-sided, availability not influenceable
Alternative 1:Gigamove
Advantages of the alternative:Data remain in the German science network, transfer to persons outside the science network possible, encryption during transfer, automatic deletion, automatic virus check during upload, additional password protection for downloads possible
Limitations of the alternative:Focus: Data exchange, not (longer-term) external data storage
Storage for 7 to max. 14 days
Storage capacity max. 100 GB
no synchronisation of multiple devices possible
Domain name of RWTH Aachen is displayed
Alternative 2:Cloud storage of the Bauhaus-Universität
Advantages of the alternative:Use for the exchange and synchronisation of data, data remain in the German science network, encryption during transmission, access to data can also be provided to external partners, use with a web browser or by means of special client software (provided automatically on centrally administered Windows systems).
Limitations of the alternative:Use possible during the contract term, the storage quota is 25 GB per account
Function:Appointment coordination
Popular crowd-sourced services:Doodle
Problematic issues:Storage possible outside the EU (data protection and compliance with national laws not guaranteed or verifiable), contractual agreement weak, display of advertising, availability not influenceable
Alternative:DFN Scheduler
Advantages of the alternative:Data remain in the German academic network, encrypted data transmission, explicit advice to use pseudonyms, automatic deletion after a set expiry date, no analysis of usage with external services (google analytics, etc.), no display of advertisements
Limitations of the alternative:unknown
Function:Video communication
Popular crowd-sourced services:Skype
Problematic issues:Non-published, proprietary protocol for encrypting data transmission, implemented protective measures of own IT infrastructure (firewall...) can be undermined → Security and confidentiality of data questionable, evaluation of the connection information probable, (unintentional) takeover and provision of services of the service for external parties (supernode -> increased data transfer), trustworthiness of the globally distributed devices involved in the call handling doubtful, social engineering attacks possible, availability not influenceable
Alternative 1: BigBlueButton
Usage: https://meeting.uni-weimar.de/
Advantages of the alternative: Hosting on the IT infrastructure of the Bauhaus-Universität Weimar, use of the open source software BigBlueButton (currently undergoing very rapid further development with consideration of the requirements of the universities), login with the university account of the Bauhaus-Universität, no forwarding of master data to third parties.
Limitations of the alternative: Optimised for small groups, recommended (number of participants) x (number of screens switched on) < 1500, currently still relatively high network load
Alternative 2: DFNconf - The conference service in the German Research Network
Information: https://www.conf.dfn.de/
Usage: https://www.conf.dfn.de/zugang-zum-dienst/https://www.conf.dfn.de/zugang-zum-dienst/
Advantages of the alternative:Data remains in the German science network, organisation of conferences tailored to the needs and requirements of the science community, accessible via SIP and H.323-based VC systems, standardised web-based solutions, mobile end devices with corresponding software app or via telephone dial-in, encrypted data transfer
Limitations of the alternative:Initiation only by staff of an institution participating in the DFN Internet Service, events with up to approx. 200 participants possible, no multi-client capability (all participants on the same hierarchical level), participants in conferences must be notified by e-mail of the date of the conference.
Function:City plans / maps for integration into own publications including the WWW
Popular crowd-sourced services:Google Maps / Google Earth
Problematic issues:Use only restricted free, binding terms of use can be changed unilaterally ad-hoc by the provider, contractual agreement unilateral
Advantages of the alternative:Open data (CC BY-SA), partly more detailed indexing of cities and other areas, own targeted influence on data quality and scope possible
Limitations of the alternative:No satellite images
Function:Microblogging (Short message service)
Popular crowd-sourced services:Twitter
Problematic issues:Twitter is managed and controlled by a commercial provider, via secret algorithms. Twitter collects personal data of its users and shares it with third parties. The short messages sent, the so-called tweets, are considered public communication. Such published opinions can be copied and reused by anyone without violating the privacy of the originator. The same applies to other content related to the message. This includes, for example, photos, videos or links to other websites. Twitter can be abused by spamming for advertising.
Alternative:Mastodon: Mastodon · GitHub
Advantages of the alternative:Mastodon is designed as a decentralised network. The service is therefore not based on a central platform, but consists of many different servers that can be operated by private individuals, associations or other bodies on their own responsibility and interact with each other. The project is Free Software and its source code is available under the GNU Affero General Public License. The instances of the service are part of Fediverse, i.e. connected to other social networks. On Mastodon, registered users can distribute telegram-like short messages. These messages are called "Toots" or translated "Tröts". Mastodon allows 500 characters per post (toot) in the default setting (in contrast to Twitter = 280 characters), but these can be adjusted according to the ActivityPub protocol. The toots can be commented on, shared and favoured by users Toots can be given an expiry date, after which they delete themselves automatically. Users create an account on one of the many different servers (instances) and from there can follow users on all other servers as well as other Fediverse services. There are official apps for iOS and Android, which are also open source.
Limitations of the alternative:
Function:Search engines
Popular crowd-sourced services:Google, Bing
Advantages of the alternative:Service forwards entered search queries to the Google search engine and thus displays the search results anonymously (according to https://de.wikipedia.org/wiki/Startpage)

External IT services: currently without a real alternative

Social networks - Facebook, Google+, Linkedln

Other recommendations

If external IT services are to be used because the SCC does not provide the required service or it does not meet the requirements, the stipulations of §11 Use of External IT Services of theCommon IT Usage Regulations of the Bauhaus-Universität Weimar and the University of Music FRANZ LISZT Weimar must be observed.