Versions Compared

Old Version 20

changes.mady.by.user Adam Slagell

Saved on

compared with

New Version 21

changes.mady.by.user Adam Slagell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Production services are primarily run out of one of three directorates at NCSA: Advanced Digital Services (ADS), Information Technology Services (ITS), or Cybersecurity. These groups meet regular and their leaders for form the NCSA IT Operations Board who work together to provide the best services possible for our staff, users and partners. However, there are many R&D projects that run their own services less formally. These PIs and project managers of such projects still have obligations and need to be aware of NCSA/UIUC policies and procedures that affect operators of any service.

Raised access floor (RAF) space is provided at NCSA for servers at NCSA. Based on the needs of the project and costs, servers could be placed in either the main data center at NPCF or one of the smaller RAF spaces in the NCSA building. The IT Operations Board works with PIs to find the appropriate space.

Running any service requires knowledge of and compliance with with the NCSA Network Security Policy policy, which defines security requirements based on the network zone where the service hosted.

Just as services provided by ADS, ITS, and Cybersecurity must respect the privacy of users, so to too must anyone running production services at NCSA respect user privacy, maintain transparency, and follow applicable laws. Failure to do this endangers NCSA's reputation and standing, and could result in a system or service being taken offline.

Finally, security the Security Office must be involved early on when developing proposals that will place new infrastructure at NCSA. This is because special requirements could require extra planning by security staff or even have extra costs that must be accounted for in the proposal. For example, having personal health information could require clearance with the University or special environments to be setup, or and bringing new WAN links could inquire incur extra costs or planning for monitoring NCSA networks.

...

  • Policy
    Service operation
  • BE aware of laws and privacy of users
  • follow network security policies
  • involve security in planning process
  • change control as appropriate
    • production servers belong in a RAF room, see network zone policy
    • Equipment registered to you
      • Follow best practices and maintain updates, follow university policies
      • screen locks on mobile devices, leaving office doors open
      • taking home
      • Done with it, broken or lost
        • surplus & wipe
        • xfer equipment
      • ethical use
      • Personal equipment implications
    • Information/Data
      • Follow university policy
        • includes printed materials and physical locks
      • Notify of high risk or confidential data
      • backup important
      • encryption on backup & mobile
      • approved third parties like box
    • employee exit
      • authorizations
      • keys
      • email lists
      • property return
  • Authority & Consequences
    • revoked accounts, privileges, taken off network, reported to HR
    • PA only has authority to speak with the public directly or the DO
  • Exceptions process
  • Review & update
  • References

...