LITIGATION SUPPORT TIP OF THE NIGHT

The Tip of the Night for April 18, 2018 discussed FedRAMP, the federal cloud computing security program. FedRAMP has a manual of standard contractual clauses which may be useful to consult when considering what language to add to service agreements.

With cloud computing spreading data across international boundaries on different servers and posing problems for determining which country's law govern the data, FedRAMP recommends a provision specifying 'data jurisdiction' - based on where the 'data at rest' or back-up is located.

Provisions are recommended for retaining audit records online for 90 days, and Department of Defense and National Archives and Records Administration guidelines are to be followed for the systems implemented to store the records.

Agreements are to specify that incidents are reported to the US-CERT (the United States Computer Emergency Readiness Team), and breaches involving PII must be disclosed within 1 hour of their discovery.

Provisions for a specific cryptographic standard (FIPS 140-2) for secure communications; a method of multi-factor authentication; and the encryption of electronic media are also included.

Many firms have given their employees access to a Box.com account. Box is a cloud service that facilitates the sharing of files inside or outside an organization.

A Box account may be linked to your network login, so you'll just have to browse to box.com in your browser (or a variation of this address) and enter your standard user name and password.

In Box you can create a folder and right click on it and then invite collaborators by entering their email addresses.

When you notify the recipient about the link to the box folder created in your account, be sure to tell them to click on the link when logging into Box which indicates that they are not a member of your organization.

So in this example, if you're an employee of the University of Nebraska, Lincoln, and you create a box folder to be accessed by a non-university member, tell them when logging into to click on the link named, "Not part of University of Nebraska - Lincoln? Log in or Sign Up Here".

Input/output operations per second (IOPS) is a computer performance measure standard. A IOPS number reflects the number of read and write operations that can be performed with both sequential and random data (random data would be files not saved contiguously -- as a drive has more data saved to it over time, its free space becomes fragmented and data is less likely to be saved contiguously).

An average SATA 7,200 rpm hard disk drive should run at about 100 IOPS. (Serial AT Attachment is the interface that connects the drive to a computer. Most storage drives in use today are SATA drives. See the Tip of the Night for January 22, 2016. )

The number of IOPS generated by a RAID (Redundant Array of Independent Disks) is a key consideration in cloud computing. You can help evaluate the strength of cloud data storage with the RAID Calculator.

The RAID Calculator lets you select between SSD (Solid State Drives) and SAS (SCSI) hard drives, and choose the number of disks in the array, the overall hard drive capacity, and the percentage of data that is either being read or wrote.

The calculator gives IOPS numbers for different RAID levels - RAID 5 (these, which require at least 3 disks, are susceptible to failure and not recommended); RAID 6 (which can handle the failure of two different drives, and requires at least 4 drives); and RAID 1+0 (which has a series of mirrored drives and can function even if multiple drives are lost, and also requires at least 4 drives). RAID 1+0 has better read and write performance than both RAID 5 and RAID 6. RAID 1+0 will typically be used for databases. RAID 6 for web servers, or other servers which must store a lot of data. RAID 5 is used for data archiving and warehousing.

For a RAID with 24 200 GB SSD drives tested reading and writing data in equal percentages, a RAID 5 level configuration will function at 96,000 IOPS and a RAID 6 at about 68,000 IOPS. With the RAID 1+0 configuration the IOPS rises to 160,000.