Managed Hosting for Export Controlled Data
The University of Cincinnati (UC) offers a service for storing export controlled research data. This service adheres to the guidelines described in Safeguarding Export Controlled Data.
The manage hosting service provides the following:
The server is housed in a climate-controlled, locked data center with physical access controlled via individually-issued electronic card keys using a card-key system that logs all entry events. Physical access to the server is limited to authorized staff employed by UC.
A local software firewall and an external hardware firewall provides monitoring and control over inbound and outbound network traffic. Only authorized network traffic will be permitted. Firewall permit and deny events are logged.
Access will be granted to a limited number of authorized users only, as determined and requested by the PI. Access requests and approvals will be logged. No access will be granted to non-US Persons without an export license, exemption, or other government authorization. US Person status will be confirmed with UC's Human Resources department before access requests are granted. Exception status will be confirmed with UC's Director of Export Control.
All remote access to the server will be controlled via unique username and password credentials. All authentication events, including username, date/time and source IP address, will be logged to a central server monitored by UC's Information Security office (InfoSec).
Maintenance and configuration
The server utilizes up-to-date malware detection software. The operating system and software will be kept current on security patches by authorized US Person staff employed by UC InfoSec.
Data will be backed up via an encrypted network connection to a remote site leased by UC and staffed by US Persons. Access to backups will be limited to authorized US Person staff employed by UC.
Decommissioned drives will be destroyed by shredding through UC Surplus. All other media sanitization will follow UC's Electronic Media Sanitization Standard.
All remote access to the data will be conducted via encrypted network connections. Wireless network access to the data is disallowed except from UC remote connections or where UC VPN is used.
Remote access from shared, public computers or from computers with no local access control is prohibited by policy.
Copying of data from the server is prohibited by policy unless:
1) the data is transmitted via a local, private network to an access-controlled authorized backup device, or
2) the data is transmitted via an encrypted network connection to an encrypted volume by an authorized user with prior approval from the PI, or
3) the data is transmitted via an encrypted network connection in the form of an encrypted file or volume from an authorized user, to an authorized recipient as determined by and with prior approval from the PI.
For further information about managed hosting of your export controlled data, contact the Export Controls Office
. (All information adapted with permission from CalTech Information Management Systems & Services)
Contact Us Mailing Address:
University Hall, Suite 560D
51 Goodman Drive
PO Box 210567
Cincinnati, OH 45221-0567 Tara Wood
Director, Export Controls Exportco@uc.edu
Sr. Export Control Specialist Tina.Bosworth@uc.edu
513-558-1128 What to do fact sheet