UT Research Cyberinfrastructure Leadership and Working Groups

Policy Working Group

 

Charge

Policy Goals

 

 

Name

Institution

Title

Watkins, Lewis (Chair)
UT System
Chief Information Security Officer
Beasley, Cam
UT Austin
Chief Information Security Officer
Boozer, Lee
UT MD Anderson Cancer Center
Project Manager, Institutional Compliance
Cantu, Rod
UT Health Science Center - San Antonio
IT Project Manager
Caskey, Paul
UT System
Technology Architect
Erp, Shirley
UT System
Information Security Architect
Heitke, Anne
UT System
Manager of Audits
Hempel, Chris
UT Austin
Director, User Services, Texas Advanced Computing Center
Holthaus, Barbara
UT System
Senior Attorney
Kirksey, Kirk
UT Southwestern Medical Center
Vice President, Information Resources
Mendoza, Nathaniel
UT Austin, Texas Advanced Computing Center
Senior Network Engineer
Moody, Barry
UT System
Information Security Officer
Mueller, Wayne
UT Health Science Center - San Antonio
Director, Systems Planning and Engineering
Quinn, Jessica
UT MD Anderson Cancer Center
Vice President and Chief Compliance Officer
Soldi, Miguel
UT System
Information Security Policy and Resourcing Analyst
Taylor, Bill
UT Health Science Center - San Antonio
IT Auditor
Weber, Max
UT MD Anderson Cancer Center
Corporate Compliance Attorney
Weems, Bill
UT Health Science Center - Houston
Director, Office of Academic Computing
Yoder, John
UT Health Science Center - Tyler
Chief Information Officer



Charge

Charge: To recommend policies for securing the UT System research cyberinfrastructure addressing the following elements:

  1. Defined Information Security Governance
  2. Policies, Procedures, Standards and Policy Management Process
  3. Asset / Data Classification
  4. Standard Risk Assessment and Management Process
  5. Compliance
  6. Access Management Process
  7. Change Management Process
  8. Configuration Management Process
  9. Data Backup and Recovery
  10. Disaster Recovery Plan
  11. Information Security Incident Management Process
  12. Physical Security
  13. Device Use and Security
  14. Application Development and Acquisition
  15. Electronic Records Management

Policies will differ for Phase 1 (the pilot) and Phase 2 (production). (i.e. The decision was made to not allow research using PII during the pilot. However, the production system must accommodate such research.)

 

[Back to top]



Policy Goals

  • Provide an environment that is secure for UT faculty to conduct their research.
    • Requires a sound backup strategy at all data facilities.
    • Ensures protection of intellectual policy.
  • Define a "trust framework" which includes an acceptable use policy and agreement so faculty can have confidence that others using the facilities are abiding by practices required to maintain the security for all.
  • Establish policies that create a computing environment that complies with regulations required by granting agencies to position UT institutions for competing for such grants.
  • Establish policies that allow for creation of a secure environment while not hampering research or faculty members' willingness to use the facilities.
  • Influence infrastructure architecture to the extent needed to ensure:
    • System reliability, data availability, integrity, and confidentiality;
    • Ease of use;
    • A range of services to accommodate varying needs such as:
      • Storage with fast access to supercomputing needs
      • Large capacity storage but without the need to access supercomputer facilities
      • Encrypted storage
      • Local storage
      • Ease of provisioning
      • Data life cycle management and deprovisioning
    • Secure methods for collaborating with non-UT researchers and organizations

[Back to top]

  • © 2011 The University of Texas System
  • 601 Colorado Street
  • Austin, TX 78701
  • Phone: (512) 499-4224
  • Fax: (512) 499-4313

    •