Comments
Description
Transcript
PCCD Q&A – March Compu-rep Meeting
PCCD Q&A – March Compu-rep Meeting Question: To whom will the Cherwell system send the order and delivery notifications x (when the BookStore) processes an order for a personal computer? Answer: The notification will be sent to the person responsible for deploying the computer; however, it is important to note that the person responsible for deployment must be correctly identified on the order to ensure that this person receives the notification. Presently, the BookStore often received orders where the person responsible for deployment is not identified or is identified incorrectly. Further work is underway to make the process for collecting key information regarding the deployment with the order more robust. The PCCD project team is aware that EPIC does not prompt the person placing an order to provide this information. Question: I understand that the proposed Custody and Control of Electronic Devices x and Media Policy requires that data be wiped or encrypted before the drive is returned to vendor. How can I comply with this policy if the drive has malfunctioned? Commissioning Question 1 Decommissioning Answer: Question 1 Dell offers a low cost option to keep the malfunctioning drive. If the drive was supplied as part of Dell system, this might be your best option. If it is necessary to return the drive to the vendor and you are unable to wipe or encrypt the data, discuss the situation with the University’s IT Security Coordinator before returning the drive to the vendor. Question: Can you integrate the Data Destruction Form into Cherwell? x Answer: Some aspects of the Data Destruction Form have already been incorporated into Cherwell workflow; however, because some areas do not use Cherwell (at this time), it was necessary to provide a nonCherwell method of gathering the information. Areas that use Cherwell will gather some of the information via Cherwell workflow rather than using the form. The completed Data Destruction Form will be scanned and attached to a Cherwell ticket. The “filing system” for the completed forms will be Cherwell. Question: Does the proposed Custody and Control of Electronic Devices and Media x allow for home use of a computer after the user has left the University. Answer: No. The policy purposefully and specifically prohibits the sale or donation of personal computers to external parties. A person who is Decommissioning Question 2 Decommissioning Question 3 leaving or has left the University would be regarded as an external party. The University does allow and has provisions for offsite use of University equipment by University employees. Question: Does the policy restrict redeployment to a unit, faculty, department, etc?x Answer: No, the proposed Policy does not restrict redeployment according to organizational boundaries. If the equipment is registered in the Capital Asset Database then the equipment should be removed from the database or the database should be updated to reflect the transfer. This can be accommodated by clearly indicating on the Data Destruction Form that the redeployment will involve a transfer of ownership between units/faculties/departments, etc. Question: Where is the drop off location at Bannatyne Campus for items that are to be x decommissioned? Answer: The project team has secured temporary space for decommissioning at Bannatyne campus. Because it is infeasible to receive equipment for decommissioning at the current H&SC desk location at Bannatyne, you should contact the H&SC and make arrangements to meet a H&SC representative at the temporary storage space. The project team is continuing to work with space planning to secure a better location at Bannatyne. Question: Will the H&SC provide a receipt for items that are brought/delivered to thexH&SC for decommissioning? Answer: Yes. The Data Destruction Form includes an option to request an email confirmation of data destruction. If the Data Destruction Form is email to the H&SC then your sent email is the record of the submission of the form. If the Data Destruction Form is brought to the H&SC in person then a H&SC representative will sign the form and, if you request it, provide you with a photocopy of the signed form. Question: Is the new decommissioning process to be used only for the computer itself x or can peripherals and accessories also be brought/delivered to the H&SC. Answer: Accessories and peripherals may be brought/delivered to the H&SC or you may arrange to have these items picked up by Physical Plant. You are encouraged to dispose of the peripherals and accessories along with the computer to minimize the transportation time and effort. Additionally, Physical Plant will no longer pick up computers (that are eWaste) unless the request originates from the H&SC. Therefore, the easiest way for you to deal with accessories and Decommissioning Question 4 Decommissioning Question 5 Decommissioning Question 6 Decommissioning Question 7 peripherals that are eWaste is to bring them or have them transported to the H&SC for processing. Question: Can we donate computers if the hard drive or other media has been removed? x Answer: The proposed Policy prohibits donation of used computers, regardless of whether the drive/media has been removed. The Policy does allow for donations to be made in exceptional situations with the prior written approval of the CIO, IST. The practice of donating used computers was discussed extensively by the ROSE steering committee and the University executive management team. It was decided that the practice of donating computers often gives risk to more risk and cost than the offsetting goodwill warrants. The Policy allows for exceptions where it can be demonstrated that the goodwill outweighs the cost and risk associated with the donation. Use good judgment when determining whether to request permission to make a donation. Question: How does the process apply to electronic devices other than personal computers x (e.g. servers, networking equipment, etc). Answer: From a strict project perspective, as the name implies, the Personal Computer and Commissioning and Decommissioning project was responsible only for personal computers. However, the University has set up these processes such that the H&SC will provide a value added service to the University and we envision that the H&SC will become responsible for processing all electronic devices and media. You are strongly encouraged to contact the H&SC about the disposal of electronic devices and media other than personal computers. Remember, the proposed Policy has broad applicability; it is not limited in scope to personal computers. Question: Does the Data Destruction Form accommodate “bulk” processing, i.e. more x than one computer on one form? Answer: Yes. There are planned changed to the Data Destruction Form. A new Schedule provides a table that can be used to list multiple items associated with a single form. All items on a common form must have certain things in common. For example, equipment that is being redeployed must be reported on separate from than equipment that is being recycled. If further clarification is required regarding a specific situation, please contact the H&SC before completing the form. Question: How does the Policy apply to situations where there are multiple people x using a computer? Answer: The Policy was not intended to prohibit the use of a computer by multiple people, nor was it intended to make it onerous to manage a Decommissioning Question 8 Decommissioning Question 9 Decommissioning Question 10 Decommissioning Question 11 computer used by multiple people. Please provide additional information to the PCCD team about the use cases for multiple users. We will review the use cases and advise how they can be addressed. Alternatively, on an ongoing operational basis, you can consult with the University’s IT Security Coordinator. It may be appropriate, in some cases, to encrypt profiles or to direct users to avoid storing certain types of information on the hard drive of a shared use computer. The more information you can provide to the PCCD team regarding share used computer use cases, the better the project team will be equipped to address this situation/requirement. Determination of a change in “Control and Custody” may be less obvious in some situations. If in doubt, discuss the matter with the University’s IT Security Coordinator. Question: Is there still an “Amnesty” for old computers, hard drives, and other media? x Answer: The University wants you to use this new decommissioning process regardless of whether you know who last used the equipment. From the point forward, you should take any necessary steps to ensure that a single person is identified as the person responsible for each computer. If you turn in a Data Destruction Form (and equipment) indicating that you don’t know who last used the equipment; however, you are responsible for providing all of the information on the form wherever it is available. Evidently, if someone repeatedly turns in relatively current equipment claiming to not now who last used the equipment this will eventually be cause for concern and may be investigated. Internal Audit might, at some time, audit compliance with the proposed Policy and associated processes. Although the Policy is still pending at this time, you are expected to begin following the Policy, as proposed, and the respective processes, commencing immediately. Although the official launch date for the new processes is Feb 24, 2014, the official launch is mostly related to promotion of the Cherwell workflow into production. It is recommended that you commence using the Data Destruction Form and the process immediately. Question: Can the H&SC accommodate the volume of equipment that might be turned x in under the amnesty program? Answer: The H&SC has already received large volumes of equipment under the amnesty program and will not refuse equipment. It would be prudent, however, to contact the H&SC in advance if you are planning to bring a very large lot of equipment for decommissioning. Normally, large lots will be transported by Physical Plant, and the H&SC will arrange the transportation, which help with managing the decommissioning Decommissioning Question 12 Decommissioning Question 13 workload. Question: Decommissioning Answer: Question 14 Where is the related documentation going to be located? x A webpage will be created for PC commissioning and decommissioning and it will contain information pertaining to today’s discussion as well as information pertaining to the Apple and Microsoft deployment tools. In the interim, the Data Destruction Form is available here: http://www.umanitoba.ca/computing/ist/systems/pccomdcom.html Question: What tools are approved for wiping data? x Answer: The ATA Secure Erase command, where available and properly implemented, can be used to wipe data from solid state devices. DBAN may be used to wipe data from rotating magnetic media. N.B. Wipe tools that were designed to render data unreadable on traditional rotating magnetic media may not be effective on SSDs. Refer to the Procedure and Standard for more detailed information. Question: What happens to the equipment after it (and the associated Data Destruction x Form) is brought to the H&SC? Answer: The H&SC will retain the equipment for up to four weeks before destroying the data. Data destruction depends on the nature of the equipment, but hard drives and solid state drives will normally be physically destroyed using a purpose build drive crusher. Once the data has been destroyed the resulting (non-sensitive) eWaste will be transported by Physical Plant to an EPRA collector for responsible recycling. Question: Who is the operational owner of the decommissioning process? x Decommissioning Question 15 Decommissioning Question 16 Decommissioning Answer: Question 17 Brenda McArthur, Manager, H&SC Generally, questions regarding the decommissioning process should be directed to the H&SC. Question: What about smart phones x Answer: From a project perspective, the personal computer commissioning and decommissioning project is not responsible for the process for decommissioning smart phones; however, the Policy applies to smart phones and the processes accommodate smart phones. Please contact the H&SC for advice/guidance as to the best way to decommission any electronic devices or media that may contain sensitive information. Decommissioning Question 18 Decommissioning Question: What about leased equipment? Question 19 x Answer: The Policy requires that the media in leased electronic devices (e.g. leased computers) be wiped using an approved method/tool before returning the item to the lessor. Question: What if I have a computer that is three years old and still usable? x Answer: The Policy allows for redeployment of useful computers. N.B. the IT Standards Committee will be releasing a minimum standard that computers should meet if they are redeployed for normal/typical use. Computers that do not meet the minimum standards for normal/typical use should not be redeployed for that purpose. It is recognized that there are circumstances at the University were computers that do not meet the minimum standard for redeployment may be reasonably redeployed other purposes to which the minimum standard does not apply. Question: Who arranges for transportation of eWaste to the H&SC? x Answer: A technical representative who has equipment that requires transportation to the H&SC for decommissioning will forward a copy of the completed Data Destruction Form to the H&SC. The requirement for transportation of the equipment to the H&SC shall be indicated on the Data Destruction Form. The H&SC will raise a Cherwell IT service management ticket and forward the ticket number to Physical Plant along with the request for transportation services. Question: To where/whom do I deliver or send the Data Destruction Form. x Decommissioning Question 20 Decommissioning Question 21 Decommissioning Answer: Question 22 Question: Decommissioning Answer: Question 23 Question: Decommissioning Question 24 The completed Data Destruction Form should be delivered or forwarded to the (local campus) H&SC. Details for submitting the form are provided in the instructions included on the current version of the Form. The H&SC desk at Bannatyne is located in the library. How do I drop off equipment x at the Bannatyne H&SC? If you plan to bring equipment to the Bannatyne H&SC you must contact the H&SC in advance and make mutually convenient arrangements for the equipment drop off. The project team is working to secure suitable, permanent space for decommissioning at Bannatyne campus. The standard practice in our faculty/department/unit is to remove media x that might contain sensitive data and physically destroy the media before it leaves our area. How can we arrange for transport of the media to the H&SC and have the rest of the eWaste sent directly to recycling. Answer: The process for decommissioning has been standardized and the standardized process does not involve removing media until the equipment has been received by the H&SC. The Office of Legal Counsel, the Privacy Officer, and the Chief Risk Officer were all involved in the design of the standardized processes. Exceptions to the documented process increases risk. The further one deviates from the standard process, the higher the risk to the University. You are accountable to the Custody and Control of Electronic Devices Policy and Procedure. Please comply with the documented process. Under typical circumstances, data will not be wiped, removed or destroyed before electronic devices and media are transported to the Help & Solutions Centre for decommissioning. If the equipment might contain very sensitive data or there are other reasons why the data must be destroyed before the equipment is transported then a software wipe is recommended. Removing and physically destroying the media before transporting the equipment to the H&SC is inconsistence with the standardized process. Question: What evidence provides an audit trail demonstrating that Physical Plant x took custody of the equipment (for transport to the H&SC)? Answer: The (most current) version of the Data Destruction Form includes a section where the person relinquishing control of equipment to Physical Plant for transport to the H&SC can request that the Physical Plant representative provide a signature confirm transfer of custody. The signed form should be retained in the area where the equipment was used. The form will have been forwarded to the H&SC prior to arranging pickup of the equipment. It is optional, but unnecessary, to forward an updated copy of the form (showing the signature from Physical Plant) to the H&SC. Question: What evidence provides an audit trail demonstrating that the H&SC received x the equipment from Physical Plant? Decommissioning Question 25 Decommissioning Answer: Question 26 Two separate records will be created when equipment is delivered by Physical Plant to the H&SC. Physical Plant will request that someone from the H&SC sign the delivery receipt, which Physical Plant will retain. The Help and Solutions Centre will record the receipt of the equipment in an IT service management ticket in Cherwell. Decommissioning Question: Question 27 Is the transportation service provided by Physical Plant secure? x Answer: Physical Plant will be aware that the goods that they are transporting might contain sensitive data and must be transported in a secure manner. When transporting equipment that might contain sensitive data, Physical Plant will take appropriate precautions, which might include direct delivery between the point of origin and the H&SC. Physical Plant will only transport equipment that might contain unsecured (i.e. unencrypted) sensitive information intra-campus. Data must be removed, destroyed, or encrypted, in accordance with the Custody and Control of Electronic Devices Policy, before equipment is transported inter-campus or between an off campus location and the Help and Solution Centre. Question: Please reduce the length of the Data Destruction Form from three pages x down to two pages. Decommissioning Answer: Question 28 Question: Decommissioning Answer: Question 29 There are likely changes that can be made to the Form to make it easier to use. The operations team will be responsible for further improvements to the Form. Why is it necessary to record the client/user’s name and contact information x on the Data Destruction Form? The University had determined that it is a good practice to maintain records of the destruction of media and data associated with particular persons. Question: Can I use the PC Decommissioning process for other electronic devices? x Answer: The Personal Computer Commissioning and Decommissioning project was responsible only for the development and implementation of processes for decommissioning of personal computers; however, the Custody and Control of Electronic Devices and Media Policy and Procedure apply more broadly as to most aspect of the process. It is recognized that it becoming common place for virtually any type of electronic device to have the potential to contain sensitive information. Accordingly, it is recommended that you leverage the services of the H&SC to assist with decommissioning of any device that might contain sensitive data. One of the benefits of the new process is that it facilitates the development of level of concentrated expertise in the decommissioning of electronic devices. As decommissioning continues to become more complex, it is not an efficient use of University resources to have a large number of people responsible for decommissioning in a highly distributed/disparate support model. Decommissioning Question 30 Decommissioning Question: Question 31 Why not use a mobile equipment shredding service? x Answer: The option to use an external party/service for data/media destruction was considered in detail by the project team, which included representation from the Office of Legal Counsel, the Privacy officer, and the Chief Risk Officer. Ultimately, having considered all of the risk factors, including contractual matters, the University concluded that the process that has been implemented is the preferred approach for the University. Question: What do I do if I want to keep the equipment for use as spare parts? x Answer: You may retain equipment for spare parts if you: Decommissioning Question 32 Complete the Data Destruction Form and forward it to the H≻ and Wipe data from media using an approved method. Once you are ready to dispose of the spare parts they may be processed as eWaste that does not contain sensitive information. Question: I want to dispose of some eWaste that I know does not contain any sensitive x information. How do I do this? Answer: If you have equipment that you are certain does not contain sensitive information then you may submit a request to Physical Plant to collect the eWaste for direct transfer to an eWaste processor (i.e. direct without involvement of the H&SC); however, Physical Plant will require that you sign a form confirming that you are taking responsibility for the equipment being free of sensitive information. If there is any possibility that the equipment might contain sensitive information then follow the documented decommissioning process. You may also include eWaste that doesn’t contain sensitive information with equipment that requires decommissioning; i.e. you may include monitors and peripherals with computers that are being transported to the H&SC for decommissioning. Question: Can the Data Destruction Form be implemented as a Web Form? x Answer: Ideally, the Data Destruction Form would be an electronic form that directly leverages Cherwell’s workflow capabilities. However, at this time, it may not be feasible to create an interface between a web form and the Cherwell system. Depending on the applicable circumstances, completion of the Data Destruction Form may involve obtaining more than one signature. Implementing workflow for approvals for multiple people is a non-trivial undertaking. The operations team will look for opportunities to improve the form for better efficiency. Decommissioning Question 33 Decommissioning Question 34