38,757
edits
(Importing a new version from external source) |
(Importing a new version from external source) |
||
Line 1: | Line 1: | ||
==Research team responsibilities: security in the cloud== | ==Research team responsibilities: security in the cloud== | ||
Research teams are responsible for security controls to protect the confidentiality, integrity, and availability of their research data. Each team is responsible for installing, configuring, and managing their virtual machines, as well as their operating systems, services, applications. They must [ | Research teams are responsible for security controls to protect the confidentiality, integrity, and availability of their research data. Each team is responsible for installing, configuring, and managing their virtual machines, as well as their operating systems, services, applications. They must [[Security_considerations_when_running_a_VM#Updating_your_VM|apply updates]] and security patches on a timely basis. They must configure security group rules that limit the services exposed to the Internet. They must ensure backup and recovery procedures are implemented and tested. They must ensure the [https://en.wikipedia.org/wiki/Principle_of_least_privilege principle of least privilege] is followed when granting access. |