SDF Workstation Configuration
Physical security of SDF
The SDF has a single entrance which is always locked. It is secured by a lock which can be opened through the use of a pushbutton combination. The combination is locked in a safe used exclusively for CPC's Secure Data Initiative. This safe is accessible only by members of the CPC SDF Team. SDF users are provided the door combination, which is changed whenever a user is no longer authorized to use the facility.
Physical security of the computers
The computers are physically contained in a locked secure cabinet in the SDF. Cabinet keys are kept in the SDF safe.
Access to peripheral devices
Because the computers are kept in a secured cabinet, with only the monitor, keyboard, and mouse outside the cabinet, users have no physical access to drives or ports and so cannot transcribe data to removable storage devices (floppy disks, Zip disks, CD-RWs, USB flash drives, etc.), nor can they connect a personal printer or any other device to the workstations.
Vetted printout
A printer will be connected to the computers via a private network (see Network Access) and will be located in the CPC network room. CPC's network room is locked with a pushbutton combination lock and is accessible only by CPC Systems personnel and key CPC administrative personnel. Researchers therefore never collect output directly: an SDF Team member reviews every printout, and if the results appear to present no risk of inappropriate data use, the pages are given to the researcher. Otherwise, they are shredded.
Operating System
One computer is configured with Windows Server 2003 and the other is configured as a client using Windows XP Pro SP2. Both will take advantage of NTFS access permissions as well as the Windows Encrypting File System (EFS).
Network Access
The computers in the SDF are
networked to each other and a secured printer via a private/standalone
switch. Both the switch and printer are in the CPC network room (see above
section on Vetted printout). There is no access to resources outside of
the SDF from these computers and there is no access to these computers from outside the SDF.
User authentication and authorization
These computers are configured so that only authorized researchers and CPC support staff can log on. Researcher accounts have no system administration privileges, and are set to expire on or before the date on which the user's authorization to access the data expires, so that access lapses automatically rather than depending on someone remembering to disable the account. User authentication is established through the conventional Windows user ID and password system.
File storage, access control, and data encryption
Since these computers use the NTFS file system, access control lists will be applied so that only the authorized researcher can access the sensitive data files. Encryption (EFS) will also be turned on at the directory level so that only the researcher will be able to read the data in his or her personal directory. The two controls are complementary: an NTFS ACL does not stop an administrator, who can always take ownership of a file, whereas EFS keeps the contents unreadable to anyone who does not hold the researcher's encryption key. Since the computers are to be used by more than one authorized researcher, each researcher will be provided his or her own disk partition for data storage. This partition will not be accessible to other users. Note that on these systems the EFS key is unlocked by the researcher's own password; if the SDF Team resets that password rather than the researcher changing it, the encrypted files become unreadable unless a recovery agent or an exported copy of the researcher's EFS certificate has been set up beforehand, so that step belongs in the account provisioning procedure.
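The account and partition setup described in the two sections above, written out as an added example (this is not the SDF's own provisioning script) using only the cmd.exe tools that ship with Windows XP SP2 and Windows Server 2003. The user name jdoe, the partition letter E:, and the expiry date are assumed placeholders; the date format follows the US locale that net.exe expects on those systems.

```batch
@echo off
rem Added example, not part of the SDF configuration document.
rem Provisions one researcher on a standalone Windows XP SP2 / Server 2003
rem workstation. Run from an SDF Team (administrator) command prompt.
rem Assumed values: user "jdoe", data partition E:, authorization ends 2009-06-30.
setlocal
set RESEARCHER=jdoe
set DATAROOT=E:\
set EXPIRES=06/30/2009

rem 1. Non-administrator local account that expires with the data authorization.
rem    The "*" makes net.exe prompt for the password so it never appears in
rem    the command line or console history.
net user %RESEARCHER% * /add /expires:%EXPIRES% /passwordchg:yes
rem Belt and braces: make sure the account is in Users only, never Administrators.
net localgroup Administrators %RESEARCHER% /delete >nul 2>&1
net localgroup Users %RESEARCHER% /add

rem 2. Replace (/P) the partition's ACL so only the researcher and SYSTEM have
rem    access. /P discards every other ACE, including Everyone and
rem    Administrators, so another researcher gets "Access is denied".
rem    (Administrators can still take ownership; EFS in step 3 covers that.)
echo Y| cacls %DATAROOT% /P "%RESEARCHER%":F SYSTEM:F

rem 3. Turn on EFS for the partition root so every file created under it is
rem    encrypted. EFS keys are per-user, so this must run as the researcher;
rem    runas prompts for jdoe's password.
runas /user:%RESEARCHER% "cipher /E /S:%DATAROOT%"

rem 4. Before the researcher stores any data, export the EFS certificate and
rem    private key to a file for the SDF safe; without it a password reset by
rem    an administrator makes the partition unreadable. The .pfx is written by
rem    the Certificates snap-in (certmgr.msc, Personal > Certificates > Export)
rem    while logged on as the researcher; there is no command-line exporter on XP.

rem 5. Verify: expiry date, group membership, ACL, and the E (encrypted) flag.
net user %RESEARCHER% | findstr /C:"Account expires" /C:"Local Group Memberships"
cacls %DATAROOT%
cipher %DATAROOT%
endlocal
```

The verification lines are the part worth keeping: an account that shows "Account expires Never", a partition whose ACL still lists Everyone, or a cipher listing that shows "U" (unencrypted) instead of "E" means the control described in the text is not actually in place.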
Backup procedures
Only the user's personal analysis program files on this computer
will be backed up by a member of the SDF Team. These files will be stored in the SDF safe along
with the original copy of the data received from the data provider.
Operating system protection
Since the computers are locked in a cabinet and no access is allowed to the CD-ROM drive or to any USB connections, there is no way for a user to boot these computers by any means other than the internal hard drives. For this to hold, the BIOS boot order must list only the internal hard drive and BIOS setup must be password-protected, since the cabinet rather than the BIOS is otherwise the only thing preventing a boot from other media; the SDF Team should confirm both settings when the machines are installed.
Virus/trojan protection
A Symantec Anti-virus package will be maintained on the system at all times. It will be configured for real-time scanning of all executable programs and of application software macros. Because the computers have no connection outside the SDF, virus definitions cannot update themselves; the SDF Team must bring updates in on media under its own control as part of routine maintenance.
Secure cleanup measures
During the project, the erasure of sensitive data in work files will be performed by a secure erasure procedure, that is, by overwriting the file's disk space rather than simply deleting the directory entry. This will prevent the recovery of sensitive data after the file has been "erased." Because applications leave copies of working data in temporary files and the page file, the procedure should also overwrite the free space on the system partition, not only the researcher's data partition.
Management of unattended system
The system will be configured with a password-protected screen saver so that if left unattended for 5 minutes, the displayed information will be hidden and the workstation locked, and the authorized user will have to provide his or her password to regain access. The setting will be applied as policy so that the user cannot turn it off.
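The unattended-system setting above, as an added example (not the SDF's own configuration script) for Windows XP SP2 / Server 2003. Two registry locations are shown: the plain Control Panel key, which is what the Display applet writes and which a user can change back, and the Policies key that Local Group Policy writes, which the applet then shows greyed out. The screen saver file name logon.scr is the stock blank screen saver on these systems; everything else is the policy's own values.

```batch
@echo off
rem Added example, not part of the SDF configuration document.
rem Enforces: lock after 5 minutes (300 s), password required to resume.
rem HKCU is per-profile, so run this while logged on as each researcher,
rem or set the same four values in gpedit.msc (User Configuration >
rem Administrative Templates > Control Panel > Display), which writes POL below.
setlocal
set SAVER=%SystemRoot%\System32\logon.scr

rem Weak state: a timeout with ScreenSaverIsSecure=0 hides the screen but
rem anyone can wake it without a password. This is what must NOT remain.
set CPL=HKCU\Control Panel\Desktop
reg add "%CPL%" /v ScreenSaveActive    /t REG_SZ /d 1 /f
reg add "%CPL%" /v ScreenSaveTimeOut   /t REG_SZ /d 300 /f
reg add "%CPL%" /v ScreenSaverIsSecure /t REG_SZ /d 1 /f
reg add "%CPL%" /v SCRNSAVE.EXE        /t REG_SZ /d "%SAVER%" /f

rem Enforced state: the same values under the Policies branch take precedence
rem over the user's own settings and cannot be changed from the Display applet.
set POL=HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop
reg add "%POL%" /v ScreenSaveActive    /t REG_SZ /d 1 /f
reg add "%POL%" /v ScreenSaveTimeOut   /t REG_SZ /d 300 /f
reg add "%POL%" /v ScreenSaverIsSecure /t REG_SZ /d 1 /f
reg add "%POL%" /v SCRNSAVE.EXE        /t REG_SZ /d "%SAVER%" /f

rem Check: every query must succeed and show the value set above. A missing
rem SCRNSAVE.EXE means no screen saver is configured and nothing will lock.
for %%V in (ScreenSaveActive ScreenSaveTimeOut ScreenSaverIsSecure SCRNSAVE.EXE) do (
  reg query "%POL%" /v %%V || echo MISSING: %%V
)
endlocal
```

The check loop is what an SDF Team member would run when auditing a workstation: the policy branch, not the Control Panel key, is the one that proves the researcher cannot disable the lock.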
End of project procedures
At the end of the project, the partition containing the sensitive data will be erased with a secure erasure procedure (all files deleted and the partition's space overwritten), and the partition will then be removed. All removable media containing sensitive data will either be returned to the provider or destroyed by the researcher.
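The secure cleanup and end-of-project erasure described above, as one added example (not the SDF's own procedure) using the tools built into Windows XP SP2 / Server 2003. cipher /W overwrites all unallocated clusters on a volume three times (zeros, ones, then random data), so a delete followed by cipher /W is the secure erasure the text calls for; it does not overwrite allocated files, which is why the delete comes first. The partition letter E:, the work folder, and the diskpart disk and partition numbers are assumed placeholders.

```batch
@echo off
rem Added example, not part of the SDF configuration document.
rem Assumed: researcher data partition E:, work files under E:\work.
setlocal
set DATAROOT=E:\

rem --- During the project: securely erase one work file ---------------------
rem Delete releases the clusters; cipher /W then overwrites every free cluster
rem on the volume, so the deleted file's contents cannot be recovered.
rem cipher /W needs a directory on the target volume; the root is enough.
del /F /Q "%DATAROOT%work\temp_extract.csv"
cipher /W:%DATAROOT%

rem Application temp files and the page file live on the system volume, so
rem wipe its free space as well and have Windows clear the page file at shutdown.
cipher /W:%SystemDrive%\
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" ^
    /v ClearPageFileAtShutdown /t REG_DWORD /d 1 /f

rem --- End of project: erase the whole partition, then remove it ----------
rem Remove everything, overwrite the now-free space, then delete the
rem partition with diskpart. Confirm the disk and partition numbers from
rem "list disk" / "list partition" before running; the numbers below are
rem placeholders and deleting the wrong partition destroys the system volume.
rmdir /S /Q "%DATAROOT%work"
cipher /W:%DATAROOT%
> "%TEMP%\rmpart.txt" echo select disk 1
>> "%TEMP%\rmpart.txt" echo select partition 2
>> "%TEMP%\rmpart.txt" echo delete partition
diskpart /s "%TEMP%\rmpart.txt"
del "%TEMP%\rmpart.txt"

rem Check: the volume letter must no longer exist.
if exist %DATAROOT% (echo ERROR: %DATAROOT% still present) else (echo %DATAROOT% removed)
endlocal
```

Because the partition was EFS-encrypted, what cipher /W overwrites on E: is already ciphertext; the free-space wipe on the system volume matters more in practice, since that is where unencrypted temporary copies end up.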