• Advisory
• AMinutes20081222

Meeting in Vienna 20081222

Meeting opened 10:30 Present: Philipp Dunkel, Rasika, iang (minutes). Action points in bold.

Misc

• Rasika could be added to internal audit team for now

• as -> Internal Audit (test taken 2008 december)

• (unknown when final result is revealed)

Disaster Recovery

• discussion consisted of a working attempt to create a Disaster Recovery plan.

• (rasika) created a starter list of BusinessProcesses, following CISA guide.

• developed plan from processes as per DisasterRecovery

• see SM
• Redundant versus hot standby
  • MySQL has online PUSH?
  • (Philipp D) we want hot standby, is already in MySQL? sysadm?
  • don't want any software development effort put in ....
• Hot standby machines should exist in the same facility.
  • cannot secure elsewhere
  • could ask HCC

Backups

• where?
  • for security and reliability: they should be in the same place
  • Disaster Level 1: hard
  • Disaster Level BIT: BIT is down
• Availability of backups offsite
  • Security cannot be ensured for transmission and storage of remote data...
  • offsite backups need to be offsite.
• Suggest
  • Make it incremental: dailies stay in the same town
  • rotate physical backups: new one arrives; send old one to escrow.
  • Weekly fedex packages to somewhere...
  • recover from next neighbour jurisdiction

Privacy

• (Rasika) Background Check
  • procedure and ruling (recommendation) should be public
  • interview, documents should not be public,
  • summary of evidence should be in the ruling.
  • Arbitrator can rule on the escrow questions of evidence
• New proposal (written by Philipp D) reviewed quickly on laptop screen
  • it has been sent to board only so far
  • was written in a meeting last week between Philipp D and Philipp G
• Some basic pointers needed
  • that is, training + test

  • ask Ted to set up, start pumping in some questions

  • need a legitimacy step for test+questions
  • board or policy to be asked to approve at some point
• Go back to board, ask for objections, into SM.

  • Philipp D: the proposal needs to be distributed, only to board so far

Software Development

• 4 eyes work in the software development
  • today, software development == philipp G
  • Philipp wants a governance methodology for SD?
  • he may want to provide 4 eyes, in software development
  • (PG? PD?) has provided a way to do the software development methodology.

• Philipp G is writing up the Software Development

  • "define this to the point that you can hand it over to someone else"
  • 29th Monday after Xmas
• Assurer Change from Software Development to Sysadms.
  • Ted has the patch to switch off the old Assurers

  • Ask Ted to RESEND it as a patch to Philipp G + Philipp D

  • mechanism: is it a patch(1) ?
• Software Development Patch procedure, needs to cover
  • sending patches to the sysadms
  • receiving patches from the sysadms
  • (rasika) this is the role of the media librarian
• Governance as it impacts software development
  • Philip D: 4 eyes needed over all support actions

  • means we don't need so much control on TrustCheck

  • Software Development cannot install patches, only Sysadms.
  • Must be a handover.
• Review of patches
  • Sysadms can review the patch; all source code is PHP, non-black
  • Sysadms have the responsibility to do a random check:
    • "random" means also to include "all" and "none".
    • other people can also check it.
    • if a check is done, comment added to code in subversion
    • sysadms do not write code: they only add comments!!!!
    • sysadms will be kicked out if they fix code
    • perhaps make the comments into an ACL-controlled file like README or REVIEW-COMMENTS at top of tree
  • Software development does not know which checks are done.
    • so, code and patches might be checked at time.

Formal meeting closed 18:30.

• CategoryAdvisory