Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Spinup provides a secure platform for hosting resources with sensitive data, compliant with standards like HIPAA, PHI, and FERPA. This guide highlights the current resources available for sensitive data hosting and key security measures, adaptable to future updates in operating systems and technologies.

Spinup Resources for Sensitive Data Hosting

...

Servers

Spinup offers a range of CIS-hardened server options, regularly updated to include the latest and most secure versions

...

Databases: Spinup provides dedicated database services, including MySQL, PostgreSQL, and SQL Server, all configured on the secure Amazon RDS platform.

...

Storage: Storage@Yale is available for secure data storage needs.

Creating a Secure Space

When setting up a new space, you'll complete a risk assessment to determine the data hosting capabilities. Accepting the Spinup Security Agreement is essential for spaces classified as moderate or high risk.

Servers

All server options are pre-configured with essential security features, including firewalls and multi-factor authentication. The specific configuration details align with the latest security best practices for each server type. Typically, web services are restricted to secure HTTPS connections, usually on port 443, necessitating corresponding firewall settings.

Databases

Spinup provides dedicated database services, including MySQL, PostgreSQL, and SQL Server, all configured on the secure Amazon RDS platform. These databases feature at-rest encryption, centralized logging, and support for SSL connections. Access is restricted to servers within the same Spinup space, enhancing data security.

Storage

Storage@Yale is available for secure data storage needs.

Creating a Secure Space

When setting up a new space, you'll complete a risk assessment to determine the data hosting capabilities. You must agree to the Shared Responsibility Agreement for Moderate to High-Risk.

Using a Storage@Yale share on your secure server

...

When the share is ready you can mount it on your server:

Linux:

  • Install cifs-utils

    Code Block
    languagebash
    sudo yum install -y cifs-utils
  • Mount the share using your AD credentials, e.g.

    Code Block
    languagebash
    sudo mount.cifs //storage.yale.edu/home/YXNAT-CC1000-SSPS-AHEF /mnt -v -o vers=3.0,domain=yale,username=netid
Info

To automatically mount the share at boot, add an entry to your /etc/fstab file.

Windows:

  • Attach the share as you would with any regular Windows network share.

...