Maintenance of IT Infrastructure
PURPOSE
This SOP describes the relevant monitoring and data management systems that are being used within HIC. These systems may be hosted in on-premise data centre or with a cloud service provider.
SCOPE
This SOP covers the IT Infrastructure hardware and software products that are owned or used exclusively by HIC. It does not cover products or services owned or provided by the wider University or by NHS Tayside.
RESPONSIBILITIES
ROLE | RESPONSIBILITY |
IT Administrators |
|
PROCEDURE
Principles
Monitoring: Services running in cloud environments rely on the cloud providers' managed service for monitoring applications and infrastructure. For example, in the case of containerised applications, a health check command is executed periodically to verify availability.
Logging: Where possible, logs are collected and stored centrally using an appropriate service for the given environment.
Back up: For the protection of data, a backup system appropriate to the environment is employed. Cloud based resources are backed up using the service provider’s recommended backup solution at regular intervals.
Anti- Malware Controls: We deploy and manage a commercial anti-virus package within all of our environments. This is compatible with our on-premises equipment and cloud-based resources.
Clock Synchronisation: On-premises servers are to synchronise their time with domain controllers using NTP. In our Cloud environments, we rely on the operating system distribution’s default configuration.
Change Control: There is a weekly maintenance period for performing planned changes to IT Infrastructure.
Steps
Monitoring of the Infrastructure services is provided in the following categories:
Availability - servers are monitored internally and externally.
Security - security related events are logged on individual servers.
Forensic - security related events from the last 30 days are collected and stored centrally to assist in the diagnosis of any reported breaches of network security.
External services - HIC services available on the public Internet such as websites are monitored remotely in order to collect performance and availability data.
For all data and relevant virtual machines residing in all HIC data centres, the following back up procedure is followed:
Data is backed up within a schedule based on the type of data.
Local backups are taken to primary site backup media or disks.
Disaster Recovery (DR) site backups are transferred to DR site media or disks from the primary site backup location.
Data and system configuration on cloud hosted virtual machines are backed up using the appropriate backup service offered by the provider.
Automated reports on the status of the previous night’s backups are available and checked by the IT administrator(s) as part of routine monitoring activities.
Details of backup schedules, media used, source and destination storage locations, and data retention periods are reviewed within the relevant service’s Service Description for the appropriate HIC data domain.
Security Patching
On-Premises Windows servers and desktops: all servers running a supported version of Windows are patched using a centrally managed service. Security patches are applied regularly according to a rolling schedule.
On-Premises Linux servers: All servers running a supported version of Unix or Linux are patched by an IT Administrator using a manual process.
Cloud Hosted Windows Servers: Windows Updates are applied automatically. These are rebooted during our maintenance window to ensure patches have been applied.
Cloud Hosted Linux Servers: Cloud provisioned Linux servers are configured at first boot to apply unattended upgrades and reboots.
TRE workspaces are isolated with no internet access and therefore at lower risk of threat and will not be patched.
Hardware Failure
In the event of hardware failure an IT Administrator will contact the appropriate Supplier to request support.
If a site visit is required from a supplier representative, this will be carried out under the supervision of a HIC IT Administrator. At no time will hardware containing data leave the IT Server Room/s.
For hardware that is not covered by a supplier warranty or support agreement, internal investigation and remediation activities will be undertaken.
If the hardware failure has resulted in a service outage, a HIC IT Administrator will report the status and progress of any hardware fault to the relevant stakeholders.
Cloud Service Provider Failure
In the event of a failure on a cloud service provider an IT Administrator will attempt to restore the service .
If the service cannot be restored the IT Administrator will open a support ticket with the cloud provider.
If the failure has resulted in a service outage, a HIC IT Administrator will report the status and progress of any resolution to the relevant stakeholders.
Disposal of Assets
All local storage from equipment that is to be decommissioned are removed for destruction using the secure disposal service provided by the University of Dundee unless the local storage has hardware encryption enabled or is securely erased before leaving HIC’s control, in which case they may be repurposed (retired media is securely overwritten before formatting). The following configuration details are recorded for each device:
The type of device.
Encryption type and state.
Whether a secure erase was performed.
For each disposal, the total number of devices is matched with the data available on the receipt from UoD IT or their contracted secure disposal service.
All hardware that has been decommissioned is disposed of using the standard, environmentally friendly, service provided by the University of Dundee. All hardware disposals are recorded in the Asset Register.
APPLICABLE REFERENCES
Data Security
Data Access Approvals
Incident Management
Information Security Policy
DATAENTRY Veeam Backup
For Definitions see ISMS Glossary
DOCUMENT CONTROLS
Process Manager | Point of Contact |
---|---|
Chris Hall |
Revision Number | Revision Date | Revision Made | Revision By | Revision Category | Approved By | Effective Date |
---|---|---|---|---|---|---|
1.0 | 01/01/24 |
| Bruce Miller and Symone Sheane | Superficial | Governance Co-Ordinator: Symone Sheane | 10/01/24 |
1.1 | 04/04/24 |
| Bruce Miller | Superficial | Governance Co-Ordinator: Symone Sheane | 5/04/24 |
1.2 | 10/04/24 |
| Symone Sheane | Superficial | Governance Co-Ordinator: Symone Sheane | 10/04/24 |
1.3 | 19/04/24 |
| Symone Sheane | Superficial | Governance Co-Ordinator: Symone Sheane | 19/04/24 |
1.4 | 30/04/24 |
| Bruce Miller | Superficial | Governance Co-Ordinator: Symone | 30/04/24 |
1.5 | 02/05/24 |
| Bruce Miller | Superficial | Governance Co-Ordinator: Symone Sheane | 02/05/24 |
1.6 | 09/10/24 |
| Bruce Miller | Superficial | Governance Co-Ordinator: Symone Sheane | 18/11/24 |
1.7 | 18/11/24 |
| Symone Sheane | Superficial | Governance Co-Ordinator: Symone Sheane | 18/11/24 |
1.8 | 29/11/24 |
| Symone Sheane/Chris Hall | Superficial | Chris Hall | 29/11/24 |
Copyright Health Informatics Centre. All rights reserved. May not be reproduced without permission.
All hard copies should be checked against the current electronic version within current versioning system
prior to use and destroyed promptly thereafter. All hard copies are considered Uncontrolled documents.