JINONICE DOMAIN –DATA SECURITY IN THE JINONICE DOMAIN
Windows XP and later versions provide a good security standard for both work stations and sever. No data are stored on local work stations – these are connected only after the user logs in. Data are accessible only during login. The only risk element is your password and that is why you must choose a password with more than 7 characters; the password must not be repeated and the system also checks the complexity of the password. After five unsuccessful attempts to log in, the account is blocked automatically. The prerequisite for safety is correct user behaviour, namely: never give your password to anybody. To enhance security, we propose the following: increase the complexity of your password (use name dictionaries, prolong the password to 10 characters, and change the password every two months). The management must explain the reasons why this is important to academic staff.
The user has not rights to interference into the configuration of the work stations and has no rights allowing access to the data of other users (with the exception of data shared by all staff of a centre, which is separated from the data of individual users). A security policy is in place that disables applications of known security errors (the name of the last user who has logged in does not appear, risky www pages are blocked etc.). The user is not authorised to enter a password in BIOS and has no access to BIOS. Norton Antivirus is installed on the server and work stations. Updates are carried out centrally from a server located at the FACU. The antivirus programme runs non-stop and scans all the open files as well as emails. The user is not authorised to switch of the antivirus programme.
Data on the server are protected against component failure (RAID 5), and are secured against unauthorised access by a system of access rights.
Physical safety of the server: the server is located in a locked air-conditioned room protected by an alarm system and centralised supervision.
The server is connected to a back-up power supply and has a direct redundant connection to the grid; in case of a power cut it continues to operate for another 30 minutes.
All the data are backed up daily on a back-up facility located beyond the main building (for security reasons) and in the CUCC data centre. Back-ups are stored for 1 month.
The server, hard disk array and back-up facility are under warranty and the response time according to the contract is within 4 hours and intervention completed within 1 working day. Most components can be exchanged in the working condition.