SECURITY of data on UCLouvain servers
Some general information about data protection at UCLouvain are given bellow:
Physical and environmental security
UCLouvain data are dispatched in several DataCenters, located in two different buildings, and equipped with a replication mechanism, able to preserve data if a major problem occurs in one of these buildings. Links between buildings are duplicated too. Some data are even back-up on magnetic tape in a third building.
Physical security of access
Access to the DataCenters were data servers are located is controlled with badges. Personal access are handled strictly: only authorized personal is authorized to enter the buildings. Authorized personal list is kept up-to-date and revised periodically. Access is provided on a daily basis.
The network architecture of the UCLouvain is centrally managed and consist of 7 routers and 400 switches and 13000 user port.
This network infrastructure is connected to the Internet via two redundant routers linked to the BELNET network, the Belgian national research network.
Routers access are protected by next generation firewalls (deep inspection, etc), and controlled by the RSSI (Information System Security Responsible).
The 7 other routers are also protected by firewalls, in order to isolate buildings or specific zone of the UCLouvain campus.
Furthermore, servers inside the datacenters are not directly connected to the UCLouvain network, nor to the Internet. They are isolated by dedicated routers with dedicated firewalls and load balancers.
Information security in research centers and related procedures.
Besides general data security aspects that apply to the whole UCLouvain network, we ask UCLouvain users to follow, in their research centers, the security recommendations that are listed below:
- Data should not be stored on personal computers, but on UCLouvain servers (SharePoint Online, Onedrive, )
- For a specific research project, a common/shared file should be created, and access to these files will be provided to specific adhoc groups (LDAP/AD)
- Personal computers used during a research project should have user session, and identification to these session will use LDAP/AD lists (directory)
- Users’ session should not be automatically accessed when opening the personal computer.
Information security officer
In order to guarantee data protection, UCLouvain has its own Responsible of the Security of the Information System (RSSI):
Alain Ninane, PhD
Place des sciences, 4 bte L.06.08
Tel.: 010/47 96 48
To fulfil his missions, he is helped by two colleagues:
- Pierre Reinbold (Responsible of the Technical Security of the Information System - RSTI);
- Michèle Remy (Data Protection Officer - DPO).