SOP Data Collection Platform Security Policies

From PTAGISWiki

Jump to: navigation, search
image:PTAGIS_Logo.JPEG
Standard Operating Procedure
Subject:
DCP Security Policies
Author:
Scott Livingston
Approved by:
UNAPPROVED

Contents

Objective

This procedure will define and outline the internet security policies for the data collection computers at USACE and Non-USACE interrogation sites.

Scope

The scope of this document will encompass everything from addressing the OS update policy and virus protection. It will also describe in detail the rational for different scenerios.

Responsibilities

The enforcement and obedience of these security policies will be the responsibility of each PTAGIS team member.

Procedure

Platform Security Policy's

The data collection platforms at all PTAGIS controlled interrogation sites are used for only one function and that is to collect and distribute the PIT-tag data to the PTAGIS users. The Primary and Back-up computers are NOT to be used for any of the following purposes:

  • Web Browsing
  • E-mailing
  • Remote desktop access to another computer
  • Text editing etc.

A utility computer is provided at each of the PTAGIS controlled interrogation sites so that PTAGIS personnel can perform essential functions pertaining to their duties and responsibilities.


Platform Virus and Malware Protection

Rational for NOT invoking security software

  • The data collected by the DCP's is fully redundant and is stored in various locations at a very frequent interval.
  • The primary computer stores the data in a local directory.
  • The primary computer sends data to PTAGIS on a 3 hr interval.
  • The Backup computer creates data files every 1 hr and archives that data in a local directory.
  • In the worst case scenario, data is completely lost or compromised, the transceivers will still contain ~ 10,500 of the last detections that can be retrieved and nserted into thePTAGIS database.
  • Alot of virus software requires alot of overhead and maintenance to remain effective. Given the nature of our project and obligations to the PIT-tag researchers, this option has potential of being detrimental to data collection.

Win98se and Multimon Platform Protection

  • Due to the contraints and requirements of this DCP, no additional or supplemental security software is required.
  • The primary front end protection for these computers will be the firewall/Router (Sonicwall TZ-180).
  • At USACE installations, we will have to rely on their firewall/Router and security policies for protection.

Windows Vista and Minimon Platform Protection

The Sonicwall TZ-180 is currently providing the front end protection for these DCP's All internal Windows security protection is turned off. May revisit this in the future. Windows Defender is currenty disabled

Criteria for performing Windows updates on the Vista OS or other than Win98se

These updates are not to be downloaded and or installed during peak times of PIT-tag detection.

  • A major issue has been discovered with the OS that could seriously jeopardize the integrity of the DCP, and the Microsoft Corp. has announced that updates are available to repair this problem.
  • The fish traffic though a site is extremely low and the potential for data loss is minimal.

Future Security Policies

With the anticipation of deploying the new DCP's running the M4 interrogation software, the policies of the past could change drastically and this would be understandable. The M4 application design will be fairly complex and should have more than one layer of security protection. This topic should be discussed will the PTAGIS group at an appropriate time in order to develop new policies for the future.

Procedure Step 2

Use direct statements.

References

Write references here.



SOP_Minimon_Vista_Platform_Cfg_Procedure

Retrieved from "http://php.ptagis.org/wiki/index.php/SOP_Data_Collection_Platform_Security_Policies"
Personal tools