View
1
Download
0
Category
Preview:
Citation preview
1
Welcome to NURAP at Noon!
October 28, 2015
Presentation byInformation & Systems Security/Compliance
Feinberg School of MedicineResearch Computing Services
2
Overview
Information as an Asset
Threat Landscape
Process Improvements / FSM & IT
Simple Steps to Your Security
Research Computing Services
3
Information as an Asset
4
“If it’s worth collecting, it’s worth protecting”
Budgets Invoices, receipts, payments, planning, forecastingHR Data Compensation, pension, benefits, performanceContracts Terms & conditions, nondisclosure, service agreementsResearch IP, patents, consent agreements, patient recordsPersonal SSNs, credit cards, DoB, medical/health records, certificatesProfessional Accomplishments, CV, degrees, awards, reputation
Threat Landscape
5
Jul ‘15 Harvard University (8 colleges) Unknown Unknown
May ‘15 Pennsylvania State (Engineering) China 18K
Jul ‘14 University of Illinois Chicago Unknown Unknown
Mar ‘14 University of Wisconsin Parkside Unknown 15K
Mar ‘14 North Dakota University Unknown 290K
Feb ‘14 Indiana University Unknown 146K
Feb ‘14 University of Maryland Unknown 309K
https://www.privacyrights.org/data‐breach
Threat Landscape ‐ Northwestern
6
Oct ’15 Communications Battery – stolen laptopSep ‘15 WCAS Misconfigured server/driveAug ‘15 McCormick Two stolen laptops Jul ‘15 Ford Building Stolen serverOct ‘14 FSM Stolen laptopJun ‘14 FSM Misconfigured server 400 PIIMar ‘14 FSM Misconfigured NAS deviceMar ‘14 Travel Credit card fraud $18,000Feb ‘14 FSM Misconfigured NAS device
Threat Landscape
• Highly automated• Indiscriminate and targeted attacks• 24 X 7 – never takes a vacation, never takes a holiday• Medical records now more “valuable” than financial (e.g., credit cards)• Hacktivist – Criminal – Insider – Espionage – Terrorism - Warfare
https://cybermap.kaspersky.com/https://www.checkpoint.com/ThreatPortal/livemap.html
7
Process ImprovementsFeinberg School of Medicine• Information Security Data Security Plans• Research Use of EDW Data• Guidelines for File Storage• Hardware and Software Standards• Encryption: Computers and Email• Tiered Network Services
8
http://www.feinberg.northwestern.edu/it/standards‐policies/
Process ImprovementsInformation & Systems Security/Compliance• Information Security Management System (ISMS)• Information & Systems Security Policy/Procedures (ISSPP)• ISO Security Standards• HIPAA/ISO Information Security Guidance• Incident Response Protocol
9
http://www.it.northwestern.edu/security/security‐management.html
Simple Steps to Your Security
• Change ‘default’ settings• Use encryption, anti-malware and anti-virus
Use longer/stronger passphrasesKeep your systems & applications currentPhishing: Be awareMaintain situational awareness
10
“It just has to be ‘good enough’…”
Research Computing ServicesNorthwestern Information Technology
Jackie Milhans, Lead Computational SpecialistJoe Paris, Assoc. Director for Research
Overview
• Stay engaged in conversations on campus to understand emerging and growing research needs.
• Enable research by supporting computing, data management (storage, transfer, security), etc.
• Educate researchers in programming, computational skills and raise awareness of available resources.
• Help build communities on campus (bioinformatics, data science, etc.) and communicate growing areas to University.
Computational Climate at Northwestern
Computing Scale
Effort by PI
DesktopDesktop
CloudCloud
VMVMQuestQuest
SSCCSSCC
National Facilities (XSEDE, Mira, Blue
Waters, etc.)
Exascale
Usage at Northwestern
High-Performance Computing – Quest
• Supports over 250 research projects• We provided one‐on‐one training, software installation, etc.• Several common software is installed, and project‐specific software can be installed.
• Can adapt to unique computing needs (GPU, High‐Memory).
Quest ‐ Fields of Research
Applied Physics
Biomedical Engineering
Center for Genetic Medicine
Chemical and Biological Engineering
Chemistry
Civil and Environmental Engineering
Civil Engineering
Department of Medicine Cardiology Division
Department of Medicine Endocrinology Division
Division of Hematology Oncology
Earth and Planetary Sciences
Economics
EECS and Learning Science
Electrical Engineering and Computer Science
Engineering Sciences and Applied Mathematics
Finance
Human Molecular Genetics Program
Industrial Engineering and Management Sciences
Interdisciplinary Biological Sciences Graduate Program
Management and Stategy
Quest – Access
• Free access is requested by an allocation proposal.• Accounts are offered for development, classes, and
larger research allocations.• Quest is 90% grant supported – These nodes are
owned by a research group for dedicated acces.• Special purchases – dedicated login nodes, GPGPUs
and high-memory nodes have been purchased and installed on Quest when commodity nodes will not fit the research.
Social Sciences Computing Cluster (SSCC)
• Supports research and teaching of social sciences community• Includes a selection of analytical and statistical software• Access is available at no charge to social sciences faculty, graduate
students, and undergraduate students
External Computing Resources
• When Quest or the SSCC does not fit the research need Research Computing HPC Specialists can:– Consult with users – Test code performance– Review allocation proposals– Explain best practices
Research Data Storage Options
Tiers Annual Cost/TB ($)
Collaborativewith external researchers
Access to Quest
PHI/PII compliant
BOX 0 YES NO **
RESEARCH DATA STORAGE SERVICE
137 YES NO YES
VAULT SUPPLEMENTARY 70 NO YES NO
HPC STORAGE 410 NO YES NO
Note: Box file size limit is 15 GB.
Research Data Storage Service• Features include:
– Desktop mountable (SMB)– HIPAA-compliant capable (audited zone)– Daily snapshot (local copy) and daily replication to
Chicago cluster– $137/TB annually, can pay up to 5 years in advance
• 3 zones:– Feinberg (managed by FSM IT), audited– Northwestern – unaudited– Northwestern – audited
Visualization Services
• Visualization services at Northwestern include illustrations, animations, and interactive types of data and concept visualizations.
• Visualizations help explain ideas, results, and concepts that may otherwise be difficult to convey or explain.
• Work by this team has been featured in journals, conference presentations, and in the classroom.
• These services are available for an hourly fee.
Northwestern VisualizationIllustration
Northwestern VisualizationAnimation
Northwestern VisualizationInteractive
Workshops and Training
• We provide training via consultation, specialized workshops, and workshop series.
• We also partner with existing events to teach workshops or portions of workshops (Kellogg Computational Social Sciences Summit, Big Data Introduction to Programming, Programming for Biologists).
Workshop Series• Researcher’s Toolkit
– In partnership with the Library, this series is normally held in Mudd Library.
– Topics include: Intro to Bash, GIS, EndNote, Data Management, Intro to Quest, Github, etc.
• Computational Skills for Informatics– In partnership with Galter Health
Sciences Library– Topics include: Intro to Quest,
Chip-Seq, DNA-Seq, etc.
Individual Workshops and Bootcamps
• Software Carpentry – 2-day workshop that focuses on bash shell, version control (git), and programming in R or python.
• NVIDIA GPU workshop – 1-day workshop taught by NVIDIA.• Galaxy – Open source, web-based platform for data intensive biomedical
research.• Virtual School of Computational Science and Engineering – Delivered by
XSEDE, hosted simultaneously at multiple locations across country.
Computational Research Day• All‐day symposium held at Norris during Spring. • ~20 speakers, largely NU faculty, some postdocs and grad students, and 2 visiting keynote speakers.
• Poster Competition ($1500 towards conference travel) and Data Visualization Challenge.
• Next year will be the 3rd year.• Each year, topics are more diverse.• Attendance was over 300 this year.• Excellent feedback from faculty and students regarding diversity of topics and quality of talks.
Additional Efforts
• Involvement in faculty recruitment, including interviews, consulting in startup packages, etc.
• Cyberinfrastructure Engineer – Provide training and consulting for researchers’ data management and raise awareness of available resources (supported by the NSF).
• Computational Lab Technician – Facilitate research data acquisition and control for lab equipment, data management and security, and utilization of available research cyberinfrastructure.
Contacts
30
Information & Systems Security/ComplianceDave Kovarik, DirectorEmail: david‐kovarik@northwestern.eduOffice: (847) 467‐5930
FSM Information Security Carl Cammarata, Senior Director & Chief Information Security OfficerEmail: carl.cammarata@northwestern.eduOffice: (312) 503‐2822
Research Computing ServicesJackie Milhans, Lead Computational SpecialistEmail: milhans@northwestern.eduOffice: (847) 467‐4592
Recommended