SECURITY MEASURES
Access to Hotline Investigations Office
The following measures guarantee maximum security of access to the office spaces in which investigations and reporting are carried out.
- The office must be kept locked at all times.
- The Hotline Operator is in charge of keys to the office and keeps records of who has copies of such keys.
- Only staff authorized by the Hotline Operator can access the office in which reports are processed.
- Only staff authorized by the Hotline Operator can access the computers used for investigation and processing of reports.
- Only staff authorized by the Hotline Operator can perform maintenance tasks on any computers used for investigation and processing of reports.
Computer
- Only staff authorized by the Hotline Operator can access the computer used for report processing.
- All external drives (CD-ROM, floppy, etc.) are disabled.
- The computer enclosure must be locked to prevent access to the computer by others.
- The computer hard drive is encrypted and password protected.
- The computer BIOS is password protected.
- Login is password protected.
- The computer for report processing has a minimal configuration and only absolutely necessary software installed.
- Network access is limited with a firewall.
Web/Database Server
The database in which reports are stored is located physically on a separate server. The following measures guarantee the safety of this server and its data:
- The database server is located within the secure space of the Hotline Operator’s office.
- Only staff authorized by the Hotline Operator can access the server for repairs, hardware upgrades, etc.
- If any other person needs to access the Hotline database server, s/he must be accompanied by the Hotline Operator, or by a person authorized by the Hotline Operator.
- The Hotline’s database is backed up automatically on a daily basis.
- The Hotline’s database backups are encrypted and stored at a location different from the Hotline Operator’s office, secured by the management of the implementing organization.
- All sensitive information stored on the Hotline server’s database is encrypted.
- The server on which the Hotline’s database is hosted has a minimal configuration and only absolutely necessary software installed.
- The Hotline Database includes the following records: Report ID (created automatically by the software); date and time of the reporting; text inserted by the person making the report in the subject line; type of content reported by the person that filed the report.
- Every other record (traceroute, whois, etc.) is stored in the database in the form of encrypted files.
- Screenshots are not recorded at all; instead, a link to them is recorded.
- A site mirror is provided in case of primary server failure.