Planning and Delivery are in Progress.

Report Date

March 2019

Report For March 2019

Achievements in the last Period.

Technical Controls

SIEM – Splunk Neil Kell has highlighted a standard, GPG13 (Good practice guide) that would satisfy our ISO27001 SIEM guidelines.

We have selected and implemented Splunk as our SIEM Tool. We have also agreed that we need to implement the GPG13 Splunk application. We have a splunk consultant onsite to complete our build from the 8th – 12 of April. At this point the consultant will give a Demo of what been accomplished so far and should be treated as a Proof Of concept demo for the wider Uni. This will include the functionality included in the Enterprise Security Component which has been ordered.

 Cryptography & Key Management

Several ISO27001 risks will be mitigated by implementing Data at rest encryption and we have identified a method of doing this. We have purchased the required key Managment and encryption appliance to do this. We have an issue however that we can’t power this up at the ACF Data centre due to a shortage of UPS (Uninterruptable Power Supply) at the site. There does not seem to be a short term solution to this.

NTP (Network Time Protocol) Server.

We have a requirement to put in an NTP Server. We have a contractor due to put an aerial on the room at JCMB. We have ordered a primary NTP Server for JCMB and a slave to go at the ACF. (This architecture is due to us not being able to put an aerial on the roof at the ACF Data Centre).

Environment Patching.

OS Patching is covered within Policies and Procedures. However a further requirement to achieve the standard prescribed by Cyber Essentials Plus was required by NHS Lothian. This requires that we patch every component related to the DSH (OS, Application, server, switch, etc.) with 14 days of a critical patch coming out. This is a major overhead and we’re not at the level of frequency currently. We have vendors out looking at tools that may assist us with this going forward, but it doesn’t feel like we’re getting close to a solution. I have also gone to market to try and find a contractor that could do this manually in the short term. This may be the quickest way to progress initially.

Asset management

We have written, reviewed and signed off all the required procedures for this. Next step is to identify all the required assets to go into the asset management tool (Device 42) and get it populated. We have a contractor starting in a couple of weeks who will be picking this up.

Performance Metrics

We have documented the initial Performance Metrics. These will go through a few iterations of review and update.

Business Continuity

We are still waiting on the University Standards Document so we can progress the related Procedures.

Policy and Procedures.

We have made good progress with Procedures related to Asset Management, Access Management and Operational Security. We have a key blocking requirement around Tasks relating to Patching as a requirement for NHS Lothian and this has been prioritised accordingly. We need the Business Continuity Standard to enable us to progress Business Continuity.

Issues

We have blocking issues with UPS Power at the ACF data Centre blocking us progressing with the Encryption Solution and the NTP Server. This will also block us from putting in an additional VMWare Server that’s required.

We have an outstanding Medium Penetration Test issue that’s needs to be resolved before NHS Lothian will give us data. This has been with the Network team for a couple of Months with no Progress.

Key Tasks For Next Period

• As above.

Milestones