Security Plan

Security Plan

1. Policy Statement

McMaster University Library (MUL) recognizes that there are two main areas of vulnerability to consider: the vulnerability of the information systems and data, and the vulnerability of the physical space in which the servers housing the MUL systems and data reside. The MUL Digital Experience Unit uses industry best practices and a strict evaluation of necessary access in order to mitigate risk associated with unauthorized access to these resources.

2. Security Implementation

2.1. Information Systems Security

Except as necessary to provide external access to the Designated Community, MUL servers hosting the Digital Archive and the Closed Archive data, are located on an internal network to which only MUL staff machines and other servers have access. In addition, MUL IT staff enforce strict control over user privileges within all MUL systems. Any MUL staff who needs to work with production MUL systems in the course of his or her work, only has access to do the tasks specific to his or her duties. All remote administrative access to MUL systems requires a cryptographic key to prevent password guessing or brute force attempts. MUL production systems use SELinux in enforcing mode to prevent tampering with files and processes. Production systems are monitored 24/7 and IT staff are notified when unusual activity is detected.

2.2 Physical Security

All MUL services and data are housed on servers located in a secure computing facility at McMaster University Hamilton campus.  Access to this space is restricted only to authorized individuals, is subject to monitoring by staff during business hours. The space is equipped with a fire suppression system and it is monitored by a series of motion detectors and alarm systems during non-business hours. These alarm systems are connected to library security and a contracted security firm, who can escalate calls to either campus or municipal police.

January 07, 2020

Digital Archive Advisory Board, McMaster University Library