Originally published August 2, 2018
Key Dates and Information
Policy Change: August 2018 release
Secure File Transfer Protocol (SFTP) is a way for D2L customers to send and receive data from their Brightspace Learning Environment. SFTP is a temporary location for files where files are usually removed after processing. Typical use cases include:
- Customers sending files regularly for processing into Brightspace, such as input files for SIS integration. This would include XML files for user accounts, course records and user enrollments into courses
- Customers sending files for batch job processing, such as Copy Course Batch and Bulk Course Create. This would include input csv files, as well as course packages
- Grades or other data from the Brightspace Learning Environment in csv or other format, pushed to SFTP to be retrieved and processed by customers.
To support GDPR (General Data Protection Regulation) and to align with best practices, D2L is formalizing its data retention policy for SFTP and will maintain files on all D2L SFTP for 30 days only. This means that all files and data will be deleted from your D2L SFTP 30 days after the file was added to the SFTP. That change will be rolled out over the next couple of months..
Why Are We Making This Policy Decision?
D2L general practices mean that data on SFTP accounts is typically removed after processing. The goal of this policy change is to formalize that policy and align with best practices and regulation such as GDPR. This policy ensures that only your relevant, current data will remain in the SFTP.
What is the Impact and Transition Plan for Active Clients?
All files older than 30 days will be deleted from D2L SFTP accounts over the next couple of months. No action is required on your part unless you’ve been inadvertently using SFTP for long term storage. If this is the case we recommend establishing your own secure location and migrating your content there for long term storage.
Frequently Asked Questions
1) Can I do anything to prepare for this change?
As mentioned above, there is no action required by customers unless there is data on your D2L SFTP accounts that is older than 30 days that you wish to maintain. If that is the case, please make arrangements to move those older files to a permanent storage location before the end of August. Going forward after the end of August, files will be automatically deleted after 30 days on the SFTP.
2) You mention GDPR. Does this 30 day SFTP data retention policy impact me?
Yes, this is a global data retention policy that will be applied to all Brightspace Cloud Services. All SFTP accounts provisioned by D2L will have a 30-day retention policy, and older files will be deleted.
3) Does 30 day policy apply to Course Packages that we are importing to D2L?
Yes, this 30 day policy applies to all content of D2L SFTPs. If you are actively importing Course Packages to Brightspace, you should consider the D2L SFTP a temporary location for processing and import into Brightspace. For permanent storage, please store your course packages or other important data in a long-term storage location maintained by your organization. For new Brightspace customers working with the D2L Implementation team to migrate your course content, please speak to your implementation Project Manager about possible exceptions to this policy during the implementation and course import process.