Accounts of the Conflict Computing Infrastructure Overview
Because of the sensitive nature of the data that will be collected and archived by the Accounts of the Conflict project it is important to provide a sense of security and peace of mind for our depositors regarding the collection, storage, and security of their data.
In this short blog I shall attempt in layman’s term to give an overview of the Account of the Conflict’s Server and Storage infrastructure within the university and the different security levels and procedures in place that protect the deposited data.
Hardware (Servers and Storage)
The Accounts of the Conflict project computing infrastructure is split across the Coleraine and Belfast campuses of the University of Ulster and is an integral part of the University’s data centres.
The Coleraine Data Centre is the University’s Primary Data Centre. It hosts the Accounts of the Conflict project’s hardware, data and backup facilities.
The Belfast campus Data Centre is the secondary Data Centre linked via dedicated network lines to the Coleraine Data Centre where the data and hardware in Coleraine is replicated. Should the Computer Centre in Coleraine fail for any reason the Belfast will Data Centre will automatically assume the primary function and maintain our services.
All of our hardware has built in management and monitoring systems that will alert the computing staff to any impending hardware failures and a comprehensive 4 hr. response maintenance program is in place in the event of a hardware failure at either Data Centre.
There are several levels of security in place restricting both physical and virtual access.
Only authorised members of the university’s Information Systems Department (ISD) staff can gain physical access to the data centres using chipped ID cards. The Data Centres are fitted with CCTV cameras and accesses are recorded and audited on a daily basis. Anyone else requiring access needs to give prior notice and obtain permission from the head of ISD and they will then be accompanied by an authorised staff member at all times whilst in the Data Centre.
External and internal access to our servers via the network is restricted by the University’s comprehensive firewall. Only authorised members of staff have full access from within the University’s firewall to the Data Centre. External access from outside the University is only possible via the University’s Virtual Private Network (VPN). This service is restricted to authorised and vetted staff using personal cryptographic keys.
When a project agrees to archive their data on our system and are accepted having completed the necessary administrative procedures we will provide an external disk or disks with an encrypted file system for the transportation of their data to our offices. Should the disk get lost or stolen in transit the data will be unreadable. The disk will then be delivered to us by the project or we will arrange to collect it. Once decrypted and transferred to a secure area on our servers the transporting disk will be securely wiped and reformatted.
Data that is to be stored whilst it is embargoed will be encrypted using 56-bit encryption software. The donor project will decide upon the encryption key and they will be responsible for it’s safekeeping until the data is no longer embargoed.
Hopefully this blog was technically jargon free. However, if you have been confused or have any queries about issues you feel have not been addressed fully then please feel free to contact me at anytime through the contact details on this website.
- Accounts of the Conflict: Computing Infrastructure Overview - 16th June 2014