HomeData at Rest (DAR) Encryption

Deployment of Data at Rest Software

Thu, 03/05/2009 - 23:18 — binde

Implementation document listing the milestones in the implementation of DAR encryption. General rollout begins in the first quarter of FY2009.

 

Implementation Plan

Data-at-Rest Encryption Considerations

 
 

Overview of Operational Processes

 
After the initial phases involving Acquisition and Contract and the development of supporting Policy and Procedure documents, the Data-at-Rest Encryption Software project will require ongoing support in the areas of system administration, service administration and license administration.  Staffing, training and documentation are the foundation upon which the administration of the project stands. 
 
Acquisition and Contract
·    Terms and conditions for acquisition of additional licenses
·    Annual maintenance costs
·    Hardware purchase
 
Policy and Procedure
·    Identification of pilot department
·    Identification of target devices and target departments
·    Planned rollout to additional departments
·    Conditions for third party recovery of encrypted data (who performs, who authorizes, under what circumstances) 
·    University policy support for the DAR initiative
·    Chain of custody for audit reports and logs
·    Software rollout

 
 
System administration
 
·    Disaster Recovery for Safeboot Management Center
·    Maintenance operations (patching, OS upgrades, application patching, application upgrades)
·    LDAP access
·    LDAP compatibility
·    Managing audit reports and logs
·    Examination of logs
·    Log archive
 
Service Administration
 
·    Password recovery for users
o   Safeboot webRecovery
o   Safeboot webHelpDesk
·    Administration of the Safeboot Management Center
·    Initial installation of Safeboot Management Center
·    Product rollout schedule
·    Data Recovery by Authorized Third Party
·    Log retrieval
 
License Administration
 
·    Tracking licenses and license transfers
·    Installation and initial distribution of client software
·    Client software upgrades
 
Staffing, Training and Documentation
 
·    Training for systems administration staff
·    Backup staffing
·    Documentation of processes and procedures 
·    End User documentation
·    Identification of authorized parties for third party data recovery
·    Fielding “level 2” Helpdesk questions
·    User training
·    Helpdesk staff training and documentation
·    User acceptance training to underscore the need for DAR encryption
 
 Contact:  safeboot-support@ess.rutgers.edu