Technology and Security Policy

UCSF has built and continues to improve a shared, secure, and HIPAA compliant research platform capable of storing PHI on AWS. Using an increasingly popular multi-account architecture, we will demonstrate how this platform can support and secure an unlimited number of university-governed research projects and users. This includes a dive into our platform’s architecture, compliance strategies, tooling, and operating model.

UC must managing cyber risk. Gone is a policy that tells you to write a policy. Time to think. Pick up you sparring gear and get ready to roll. UC has an all-new electronic information security policy that puts you in the cage. There are important new features in the policy that give Locations and Units both control and responsibility for fighting bad cyber actors. This session will overview how the policy operates, describe the features that address the main risk areas and show some helpful tools to fight bad actors by managing cyber risk.

In this session I will review and share my experience using Catalyst to plan and update the DRBC plan for UCB SAIT department.

Agenda

• HA vs. BCP vs. DRP
• What is Catalyst
• Catalyst Features
• Catalyst Internal Flow
• Before You Start
• Lessons Learned
• Catalyst FAQs?