Balancing the University's security needs with the flexibility and creativity needed for Engineering research is a difficult task. We work with research groups to find solutions that enable cutting-edge research while adhering to the university's Data Security Initiatives.
Data Security Policies
Auditable Whole-Disk Encryption
CTS recognizes the importance of whole disk encryption for laptops and mobile devices, as well as the computers of any staff or faculty who deal with appreciable amounts of student data on a regular basis. We install Sophos SafeGuard software on all applicable University-owned computers in accordance with Drexel's Data Security Initiative.
Data Storage and Backups
CTS requires that faculty and staff store sensitive data on University resources, including the COE File Server and Office365 storage locations such as OneDrive and SharePoint. All full-time Engineering faculty and professional staff have active CrashPlan accounts to handle unlimited personal file backups on up to 5 University-owned computers.
Use of external data storage
University data should be stored on approved resources. CTS does not support or condone the use of third-party resources (e.g. Gmail, Dropbox, iCloud) to store University data or conduct University business. Faculty and staff who do so assume any liability associated with using these services.
Network Security Policies
Private Networks and Remote Access
All of our office, classroom, and lab network connections are configured to provide access to Drexel's RFC1918 networks. The private 10.248.x.x address space in use throughout most of our buildings is accessible across the entire Drexel network, including remotely via VPN. To the outside world, these networks are NAT'd to appear as hosts in the 144.118.x.x address space.
CTS requires VPN use for off-campus access to all resources except websites intended to be available to the entire internet.
Firewall Best Practices
Our public networks are under constant assault in the form of probing and intrusion attempts. We recommend that firewalls be configured and active on all computing devices. Please leave Windows and macOS firewalls enabled. If you need assistance configuring a Linux firewall, please let us help.
Reporting a security issue
We appreciate that some of our students are quite adept at network security. Drexel's Information Security team has implemented a bug bounty program that lays out a set of guidelines for students interested in probing network resources for holes (hack ethically, do not share confidential information, do not engage in illegal actions, and do not employ social engineering).
If you find a security issue with a COE server, please let us know and we'll reward your efforts.
Physical Security Policies
Protecting against unauthorized physical access is a cornerstone of any information security policy.
Rooms with swipe card access
CTS manages door access via Drexel's CCure system. Access requests to secured rooms are granted with the approval of the room's manager. Card access lists and logs are available upon request.
CTS maintains a number of legacy cameras in public hallways, certain classrooms, and shared spaces throughout the College. Recordings are kept for 30 days, after which point they are automatically overwritten. We follow all of the Department of Public Safety's (DPS) general principles for CCTV Monitoring and Recording of Public Spaces for Safety and Security Purposes. In the event of an incident, we provide all relevant recorded video to DPS for further investigation.
For all new camera installation requests, COE CTS will work with DPS to obtain quotes for installation of approved camera models. Installation, access, and maintenance will be handled by DPS.