Hello all,
Do the IT security policies affect how you operate your workstations that
control and collect data from your instruments?
I recently had an AV program running on the PC that controls the Orbitrap try
to download a file which probably was a virus definition update but was flagged
by the IT firewall scanners as malware. This prompted a visit from the IT
security specialist and we had a long conversation about current and proposed
security measures to protect University IT infrastructure.
The recent high profile security breaches of certain medical and financial
institutions have heightened awareness and anxiety about how to best protect
but still not interfere with the business operations.
In my case the following are some of my practices on the data collection
workstations:
- Windows file sharing between the instrument control PC and the data analysis
PC
- TeamViewer to remotely view and control these PCs, and allow Thermo tech
support access when troubleshooting problems
- Do not do scheduled intensive AV scans of hard drives, which would otherwise
potentially cause data loss if they occur during data collection.
- Do not have any email access at all
- Do have a web browser installed but it is used sparingly and only for certain
purposes
The first three of the above are “prohibited” by the IT policies here. We
discussed a number of solutions which included locking down the firewall on the
PCs to prevent peer to peer file sharing. I would then transfer files from the
instrument control PC to the data analysis PC via OneCloud file server. This
isn’t a bad compromise. TeamViewer is not good either, but they said they
would try to institute a second level authentication then they would be happy.
This would be good too if possible. Realize that if your TeamViewer account
were compromised, your entire institution could be at risk by way of access
through the controlled PCs. The last item was the scheduled AV scans. I’ve
had data loss when the Orbitrap was running simply by transferring 5 to 10 RAW
files at a time over to the analysis PC. So I am concerned that an intensive
scheduled AV scan might also cause data loss for the sample currently being run
on the instrument. I could test AV scans during data collection and find out.
But usually things go okay until you have a really important sample then things
that never were a problem before suddenly crop up to trash the analysis. They
were happy that no email is used on it but were cocking their eyebrow about the
use of the web browser, in the PC's current “semiprotected” state.
I’m asking people in this forum to provide feedback, so we can all learn about
how IT security policies have shaped how you run your data collection systems.
What works, and importantly, what doesn’t work to allow a core facility's
special needs - which are dictated by vendor software requirements for data
collection - that also satisfy the needs for IT security.
No one wants to be “that” person who is responsible for a security breach that
lands their institution in the news headlines.