 |
|
Computing and Network Security: Organizational Structure
|
|
| |
|
Summary: UCSD's computing, data, and network security is supported by several committees and positions. |
|
Administrative Computing and Telecommunications Policy Committee (ACTPC)
Mission: The ACTPC advises the Vice Chancellor, Business Affairs, on the development of ACT implementation efforts and directions. The ACTPC provides advice on: (1) the setting of organizational priorities; (2) computer access policies and standard availability hours; (3) prioritization and development of automated systems; (4) coordination of efforts between ACT and other campus automated systems; (5) training directions and efforts on applications under ACT’s area of responsibility; and (6) expanding and developing the telecommunications network.
Members: Debbie McGraw (Chair), Tom Jackiewicz, Dave Miller, Tom Collins, Don Larson, Ed Babakanian, Elazar Harel, Greg Hidley, Karen Andrews, Margie Pryatel, Marlene Shaver, Nancy Hartley, Paul Croft, Thomas Leet, Stephanie Burke, Doug Bennett, Mae Brown, Sylvia Lepe, Katrina Albrandt
Subcommittees:
Security Subcommittee
Mission: To develop and recommend campus-wide standards for adoption and approval of the ACTPC, addressing security and access to business, student, and non-medical information systems and data maintained by all campus entities.
Focus: The committee is limited to security of and access to data. Issues addressed by the Security Subcommittee include, but are not limited to: (1) development of policy for control and access to personal information, such as Social Security number, in accordance with recent changes in California law; (2) other security measures to control possible identity theft; and (3) development and definition of standard campus-wide roles defining access rights to data, in conjunction with work of the Single Sign-On Committee.
Committee Chair: Charlotte Klock (ACT)
Data Steward Subcommittee
Mission: The subcommittee develops a data steward policy, oversees the data steward class content and schedule, and defines ownership and data components of core data through data dictionary development.
Focus: The committee is limited to specific use and ownership of data.
Committee Chair: Katrina Albrandt (BFS)
Single Sign-On Oversight Committee
Mission: The committee oversees the implementation of the campus single sign-on strategy by defining: (1) a single user ID/ password that will be used to establish and authenticate the identity of members of the campus community; this will be the basis for granting access to information and systems hosted by Business Affairs; (2) a campus organizational hierarchy to serve as a framework for defining roles authorizing use of services; and (3) integrated directory services to support all of the above.
Committee Chair: Charlotte Klock (ACT)
Campus Health Insurance Portability and Accountability Act (HIPAA) Task Force
Background: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes national standards to protect the privacy of a patient’s protected health information, to provide for security of patient information, and to simplify billing and other transactions. Some HIPAA-covered entities are not directly linked to the School of Medicine or the Medical Center.
Mission: The campus HIPAA team oversees campus compliance for campus organizations such as student health services, athletics, occupational health services, and benefits.
Committee Chair: Brian J. Murray (SOM)
Data Communication Coordination Group (DCCG)
Mission: The DCCG is responsible for network and operating security for business, student, and non-medical information for the campus as a whole. Other responsiblilities include: (1) evaluating technology and networking options for core systems; (2) providing oversight for the development of campus network security policy (PPM 135-3); and (3) developing policies and procedures for dealing with network intrusions.
Committee Chair: Tony Wood (ACS) and Elazar Harel (ACT) – rotating chairs
Electronic Information Task Force (EITF)
Mission: The Electronic Information Task force is responsible for: (1) developing campus implementation guidelines consistent with the University-wide Policy on Electronic Communications; (2) developing guidelines for faculty-, staff-, and student-developed Web sites mounted on campus computing resources; (3) developing guidelines for operation of Web-based servers within the campus networked environment; and (4) addressing other electronic information-related issues as determined by the task force.
Committee Chair: Brian Schottlaender (Library)
Significant UCSD Positions with Major Impact on Computer Security
Data Security Manager – Gabe Lawrence, ACT
Responsible for:
- Establishing, implementing, and maintaining a security program for campus-wide core administrative systems (e.g., Financial, Student, and Payroll/ Personnel)
- Coordinating the formulation of policy
- Determining resources required to support security environments across the large-scale multi-platform systems
- Helping define, develop, and publish security standards for each critical technology environment
The data security manager works closely with department system administrators, auditors, and the network security manager.
Network Security Manager - ACS
Responsible for:
- Developing, selecting, and maintaining software used to monitor the campus network for security-related incidents
- Using monitoring tools, logs, and investigative techniques to identify security breaches and violations of network integrity
- Assessing detected problems, isolating problems, and referring for action as needed
- Working with customers to define router, switch, and other equipment configurations to protect the campus network
The network security manager also acts as a campus security consultant by making site visits as needed, conducting training, making presentations to technical and non-technical groups, and working with individual systems administrators to identify network-related issues and identify strategies to prevent intrusions.
If you have questions about security, contact Gabe Lawrence, (858) 822-3785.
|
|
|
At Your Service Online
