...
While the University respects academic freedom and has a broad mission, staff need to take careful consideration of personal use of University owned systems or networks. For example, profiting or politicking with University equipment violates State law. Other activities may be legal but against the mission of the University. Staff are advised to contact the Ethics Office with specific questions about personal use of University equipment.
Operating Servers at NCSA
Production services are primarily run out of one of three directorates at NCSA: Advanced Digital Services (ADS), Information Technology Services (ITS), or Cybersecurity. These groups meet regular and their leaders for the NCSA IT Operations Board who work together provide the best services possible for our staff, users and partners. However, there are many R&D projects that run their own services less formally. PIs and project managers of such projects still have obligations and need to be aware of NCSA policies and procedures that affect operators of any service.
Raised access floor (RAF) space is provided at NCSA for servers at NCSA. Based on the needs of the project and costs, servers could be placed in either the main data center at NPCF or one of the smaller RAF spaces in the NCSA building. The IT Operations Board works with PIs to find the appropriate space.
Running any service requires knowledge of and compliance with NCSA Network Security Policy policy, which defines security requirements based on the network zone where the service hosted.
Just as services provided by ADS, ITS, and Cybersecurity must respect the privacy of users, so to must anyone running production services at NCSA respect user privacy, maintain transparency, and follow applicable laws. Failure to do this endangers NCSA's reputation and standing, and could result in system or service being taken offline.
Finally, security must be involved early on when developing proposals that will place new infrastructure at NCSA. This is because special requirements could require extra planning by security or even have extra costs that must be accounted for in the proposal. For example, having personal health information could require clearance with the University or special environments to be setup, or bringing new WAN links could inquire extra costs or planning for monitoring NCSA networks.
...
- Policy
- Service operation
- BE aware of laws and privacy of users
- follow network security policies
- involve security in planning process
- change control as appropriate
- production servers belong in a RAF room, see network zone policy
- Equipment registered to you
- Follow best practices and maintain updates, follow university policies
- screen locks on mobile devices, leaving office doors open
- taking home
- Done with it, broken or lost
- surplus & wipe
- xfer equipment
- ethical use
- Personal equipment implications
- Information/Data
- Follow university policy
- includes printed materials and physical locks
- Notify of high risk or confidential data
- backup important
- encryption on backup & mobile
- approved third parties like box
- Follow university policy
- employee exit
- authorizations
- keys
- email lists
- property return
- Service operation
- Authority & Consequences
- revoked accounts, privileges, taken off network, reported to HR
- PA only has authority to speak with the public directly or the DO
- Exceptions process
- Review & update
- References
...