Versions Compared

Old Version 6

changes.mady.by.user user-29411

Saved on

compared with

New Version Current

changes.mady.by.user user-29411

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Excerpt

A&S provides central file storage for admin and teaching purposes. To improve robustness, ChemIT is pleased to host a copy in our server room.

See also

Getting the A&S NAS into Baker

Topic

Comments

Timing? Process?

When start? How long? What staffing required?

Rack space for server and UPS

Ensure adequacy.

Networking

VLAN across buildings?
Compliance, relative to expected data on server? If expect "Confidential (Level 1) Information" on server (really?!), see below. Thanks!

Cooling

Anything special?

Physical security, including room access

Room access: No logging, currently. Access by student employees, custodial & facilities staff.
Compliance, relative to expected data on server? If expect "Confidential (Level 1) Information" on server (really?!), see below. Thanks!

Hardware and software maintenance

If physical access required, coordinate with ChemIT? Or, provision independent physical access by A&S IT staff? (If that choice, is that OK with CCB researchers?)
Using DRAC management? If so, show-and-tell to ChemIT staff? :-)

Confidential (Level 1) Information

Hopefully there will not be any "Confidential (Level 1) Information", as defined by University Policy 5.10, Information Security. (See in particular sections starting at p21.)

...

  • We also don't control full access. In addition to ChemIT staff (including student employess), the room can also be independently accessed by custodial staff, water chill repair folks, facilities staff, etc.. They often access the room without our specific knowledge.
  • Get a card-access lock instead? AP nearby. CCB just did one nearby, so should be able to easily get accurate cost-estimate. (Notebook logging of in's not an attractive option, but suppose it's an option. Does anything, really?)
  • If it helps, there are some extracts from the pertinent policy, below.

...

Thus, for example, a Windows system where the primary user's user’s domain password is sufficient to mount a file server volume and access directories with confidential (Level 1) information would need to be secured as if such information was stored locally.

...

* Note: Visitors are not permitted except under escort.

* An individual's individual’s access to a store of confidential (level 1) information should be via an account assigned for the sole use of that individual. This requirement is not to be interpreted as disallowing access to an encrypted dataset via a shared encryption key.

...