2021-02-16 CCR Check-in Meeting Agenda, Notes and Actions

People in attendance bolded

Purpose

Check-in on CCR project deliverables

ITS-Pro codes: CIC-282 - Getting issue details... STATUS (Feb)

Project related links:

Kuali form - https://certify.assure.ucsd.edu (note that certificate issue needs to be fixed)

SharePoint Secure Portal - https://ucsdcloud.sharepoint.com/sites/cybercertification/

Project Collab site: https://ucsdcollab.atlassian.net/wiki/display/CCR/Cybersecurity+Certification+for+Research+%28CCR%29+Home

High Risk Labs list -

Early adopters list -

Discussion items

Topic	Who	Comments/ Actions
Web site and SharePoint site updates	Mark and Sean	2/16 updates: Per MC... certify.assure.com was not routing. But has been fixed. MC wants us to revisit FAQs: How to handle students Revise the privacy content Claire's team review and provide feedback? Suggest one more pass of site and then we communicate the s@#t out of it. Former user (Deleted) to check on any lingering Health and SDSC content/updates to make sure we have all of them on the SharePoint site (A few install packages are missing). Phillip Lopo to check on FireEye install package for OSX
Process and Kuali forms	Sean and Daniel	2/16 updates: Daniel, Mike and Sean met and tweaked the Kuali form to accommodate recent feedback received. After the meeting - I pinged MC about the Certification Letter (missed it on the agenda). He is going to check on it.
Early adopters and/or High Risk Lab submissions	Sean et al	2/16 updates: No new candidates as of today. Next session is Monday (2/22).
Communications	Mark et al	Prior topics/updates: Corn, Michael (Deactivated) to start working on draft of official campus letter and work with Hersberger, Mark (Deactivated) to do so. Currently still targeting end of Jan to send this out. Do communication and/or presentation to Council of Chairs? Corn, Michael (Deactivated) will look into this. 2/16 updates: Comms will be the focus as we move forward. Podcast interviewing Mike and Claire? Yes! Need to create a micro-presentation that Mike, Claire, etc. could use to meet with various constituencies to educate them on it.
HX/Qualys Alerting updates	Phillip	2/16 updates: Former user (Deleted) to set-up time with Ed and Phillip to build initial OTL to address this.
CCR Support Process updates	All	2/16 updates: Claire brought up how her team can make sure questions/tickets are routed to the correct person(s). Is there a cheat sheet and/or one person that can help with this. Phillip Lopo to request an email list group that includes a limited set of key OIA personnel (Phillip, Daniel and ), who can can help ensure Research Team's requests get routed to the correct person(s).
Other topics		Prior updates: Parking Lot for now - Guidance with regard to mobile and/or personal devices use when accessing labs and such? Create and require signature of a principle of security (patch device, anti-virus, etc.) document or something of this sort? A one-page guidance paper can probably eventually be drafted. 2/16 updates: Two recent ransomware incidents have highlighted again how important this CCR effort it.