You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

Recommendations geared towards Chemistry research groups. ChemIT's role is to promote, not require or enforce, these best practices.

Activities to help promote this best practice

Done

Ideas for next steps

  • Ensure ChemIT has the resources to promote this (or, can we afford not to?).
  • Propose formally to CCB's Tech Cmt for feedback and support.

High-level context for a Research group IT Risk assessment

  • Similar to CIT Security office Security Assessment and disaster recovery
  • Offer to do this
  • Enable Computing Rep to do this
  • Just inform, assess, not enforce anything

Benefits

  • Cost (what do we mean by this?)
  • Image (what do we mean by this?)
  • Prevent loss of science
  • Pre-audit – be in compliance when audit happens

What would be included?

  • Physical access to systems, data
  • Accounts management
  • Backup
  • Data recoverability
  • Intrusion detection
  • Critical operations
  • Emergency preparedness
  • Machines
    • Inventory
    • Individual assessment
    • Age / potential for failure
    • Applications and os updates
    • Virus likelihood
  • Clusters
    • Accounts management
    • Remote access / ports
    • Failure recovery
    • Backup & Archive
  • Network / remote access
  • 3rd party issues --access, recovery, restriction, location / country of storage
  • Personal machine risks
    • Infections spread to CU Machines
    • Wipe out CU Data
    • Users steal data
  • No labels