ITS offers a Secure Network Attached Storage (Secure NAS) file service solution. The service is hosted on \\secnas.unc.edu. The service is offered as a departmental solution for the storage of sensitive data. Access is currently limited to the CIFS protocol.
What is Sensitive Data
Data classification and associated requirements are defined in the campus Information Security Policy.
Departments receive a subsidized space allocation calculated against Full Time Equivalent (FTE) employee count. The departmental allocation is 1GB per FTE. This subsidized allocation will be provided as a block to the departmental group, sub-allocation within the client structure is the responsibility of the departmental groups. All questions regarding use and size of subsidized allocations will be directed to your departmental group IT department. Access is currently limited to the CIFS protocol but maybe expanded to other protocols over time. Security and access control lists (ACL’s) are managed via the campus ad.unc.edu Active Directory implementation. Departments will have the option to purchase additional capacity at the rate of $3 per GB billed annually.
Subsidized Allocation Calculation
Total FTEs in a departmental group X 1 GB = Subsidized Allocation
Additional capacity can be purchased in minimum blocks of 200GB. Please submit requests to the Remedy group ITS-Systems or through the Online Help Request website. Note: ITS is working to finalize the billing system to be used for storage services. The rate has been determined but the mechanics of the billing process are a work in progress.
Data Access Controls
ITS will partner with departmental IT staff to offer a hybrid solution for managing data access controls. Access to sensitive data requires specialized approval workflows and documentation. The service is modeled to meet the requirements of the campus Information Security Policy. In brief, departments have the responsibility of identifying stewards and custodians of their data. Departments will manage their related security groups and their memberships. Due to a technical limitation in the solution, ITS will manage the file system access control lists (ACL’s). ITS will process requests to changes in access and will obtain appropriate departmental approvals before making changes. Approvals and access control changes will be documented in Remedy tickets for audit purposes. The technology also provides access logs to track user activity as requested. ITS best practices will be to manage a collection of Active Directory security groups and to assign access controls to directories based on these security groups. Changes to the security groups will me limited to select administrators within ITS.
A collection of help documents about the Secure NAS service is available here.
To find out more details about Secure NAS Service offerings please contact the ITS Systems group by submitting an Online Help Request.