The NIH Data Center provides a secure computing environment suitable for hosting critical applications and sensitive data. The Data Center’s staff members manage and monitor all host systems to ensure continued availability and effective operations. CIT’s security management program continually reviews and refines security operations.
The NIH Data Center, as a federal government facility, abides by all federal government information security policies.
Physical Security
Physical and environmental controls protect the machine room itself from interruptions and unauthorized intrusions, and technical controls on all platforms provide the capability to protect applications and data from unauthorized disclosure and manipulation. A security guard is stationed at the main entrance to the Data Center 24 hours a day, seven days a week. The Data Center has an uninterruptible power supply (UPS), physical access control procedures, climate control, and a central backup and recovery system. Security management and operations procedures for all platforms to ensure the confidentiality, integrity, and availability of customer applications and data.
Security Validation
The z/OS (Titan), Unix (EOS), and Windows systems undergo annual SAS 70 Type II security audits. These audits validate the Titan, EOS, and Windows systems as suitable for hosting critical applications and sensitive data. The audits are conducted by independent auditors, under the direction of the HHS Office of Inspector General.
The SAS 70 Type II audit is a rigorous standard widely accepted by industry and government. A SAS 70 audit assures managers of financial and other applications that the NIH Data Center employs highly effective security and controls.
Disaster Recovery Program
A disaster recovery program provides participating customers with facilities for continued processing in the event of an extended data center interruption.
Media Sanitization Service
CIT offers a media sanitization service through the NIH Data Center that includes degaussing and destruction of data storage media (magnetic or optical).
Further Information
For further information on general security at the NIH Data Center, see the Titan User's Guide.
