UCD International UCD IT Services. IT12 - Device Security & Encryption Strategy. Project Initiation Document. Version 1.0 2 nd December 2014



Similar documents
IT1T Integrated Recruitment Systems 2015

UCD IT Services. Research Data. Project Initiation Document. Version rd December Version History

IT Services Website Redevelopment

It0x Enhanced data storage services Sharepoint Teamsites

Secondary School 1/04/2015. ICT Service Specification by: Andrea Warburton ONE IT SERVICES AND SOLUTIONS

Course Outline. Managing Enterprise Devices and Apps using System Center Configuration ManagerCourse 20696B: 5 days Instructor Led

Chapter 6 Implementation Planning

CASE STUDY 6 SECTOR: NHS DELIVERABLE: NEW MULTIFUNCTION SERVICE DESK THE CLIENT:

Evolving in the global digital scenario. Politecnico di Torino

Project Roles and Responsibilities

MDM & ENTERPRISE MOBILITY SERVICE DESCRIPTION G-CLOUD 7 OCTOBER 3, 2015

Cloud Based Device Management Using Enterprise Mobility Suite Production Pilot Service Definition Document

Managing Enterprise Devices and Apps using System Center Configuration Manager 20696B; 5 Days, Instructor-led

Evolving in the global digital scenario. Politecnico di Torino

UoD IT Job Description

University of Maine System Active Directory Services - RFP# ADDENDUM #01

Client Communication Portal Project

IBAPro Project Management Methodology

20696B: Administering System Center Configuration Manager and Intune

Department of Veterans Affairs Two-Factor Authentication MobilePASS Quick Start Guide November 18, 2015

Senior Project Manager (Web Content Management)

Programme Governance and Management Plan Version 2

Release Notes: Onsight Connect for Android Software Release Notes. Software Version Revision 1.0.0

ICT Service Desk Creation

OE PROJECT CHARTER TEMPLATE

Flinders University. Telehealth in the Home. Video Strategy Discussion Paper. 2 October 2013

Contents. Project Management: August 2005 Page 2 Clinical Research Operational Standards for Professional Practice for Professional Practice

KMS Implementation Roadmap

Mobile Device Management horizons for CERN Managed ios and Mac Self-Service. Maciej Muszkowski, Michal Kwiatek, Vincent Bippus (IT-OIS)

Course 20688A: Managing and Maintaining Windows 8

G-CLOUD FRAMEWORK RM1557-vi 5DRIVE PROFESSIONAL STORAGE (PRO)

Microsoft Windows Intune: Cloud-based solution

Mobile Device Management. Simplified centralised Mobile Device Management solutions for the UK education sector.

Remote Access End User Reference Guide for SHC Portal Access

Statement of Work. Systems Center Configuration Manager. Prepared for School Board of Sarasota County Thursday, 12 June 2008 Version 1.3.

Securing BYOD With Network Access Control, a Case Study

Web Based Application Tool (WBAT) For SMS Implementation!

End User Devices Security Guidance: Apple OS X 10.10

Casper Suite. Security Overview

Project Management in the Rational Unified Process

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Project Charter Updated

SCHEDULE 8 Generalist Project Services Framework 2015

Lot 1 Service Specification MANAGED SECURITY SERVICES

Guidelines on use of encryption to protect person identifiable and sensitive information

PROJECT MANAGEMENT FRAMEWORK

Introduction to Hosted Desktop Services (HDS)

Information Technology Services Project Management Office Operations Guide

LGS Project Management Methodology

Department of the Environment and Local Government. Project Management. Public Private Partnership Guidance Note April 2000

MS Managing and Maintaining Windows 8

Comparing Antivirus Business Solutions. A small business running 25 work stations and 2 servers require an antivirus solution that

Terrace Consulting Services

Install and End User Reference Guide for Direct Access to Citrix Applications

IT Services. Service Level Agreement

NIST Cloud Computing Program Activities

Managing BitLocker With SafeGuard Enterprise

Hosted Desktop for Business

Disaster Recovery Policy

Project Charter and Scope Statement

MNLARS Project Audit Checklist

More details >>> HERE <<<

Maturity Model. March Version 1.0. P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce

SafeGuard Enterprise 6.10 Peter Skondro

Senior Project Manager

Ambulance Victoria. Position Description

e-tourism Marketing Specialist

Change Management Practitioner Competencies

MICROSOFT DYNAMICS CRM

Technology Services Group Procedures. IH Anywhere guide. 0 P a g e

Five Steps to Android Readiness

Feature List for Kaspersky Security for Mobile

CRESCERANCE SERVICES

PROGRAMME MANAGEMENT AND BUSINESS PLANNING

Consultation on DCC Enduring Release Management Policy. Consultation opens: 18 September 2015

Microsoft Office 365 Request For Proposal

G-Cloud 6 Service Definition DCG Cloud Backup Service

The Gateway Review Process

Master Level Competency Model

ST JOHNS PARK HIGH SCHOOL BYOD POLICY

Transcription:

UCD International UCD IT Services IT12 - Device Security & Encryption Strategy Project Initiation Document Version 1.0 2 nd December 2014 Version History Version Date Summary of Changes Changed by 1.0 2/12/2014 Initial Draft John Curran

-Contents 1 Objectives & Scope 3 1.1 Project Objective 3 1.2 Project Scope 3 1.3 Change Control 3 2 Project Plan 4 2.1 Project Approach 4 2.2 Milestone Plan 5 3 Project Structure 6 3.1 Roles & Responsibilities 6 3.2 Meetings 7 4 Costs 7 4.1 Project costs: 7 4.2 Initial Risk & Issue Log 8 4.3 Ongoing Management of Risks and Issues 8 5 Stakeholder Plan 10 Endpoint Security & Encryption- Project Initiation Document Page 2 of 10

1 Objectives & Scope This Project Initiation Document (PID) defines Device (End Point) Security & Encryption Project in detail including objectives, scope, approach, deliverables, timescale and structure of the project so that it can be understood and agreed by all stakeholders. 1.1 Project Objective The objective of this project is to provide pilot implementations of services for UCD staff to secure their devices and sensitive data held on mobile devices and in cloud services to meet security and compliance obligations. 1.2 Project Scope The scope of the project will be to evaluate, in conjunction with Customer Support and Research IT, candidate solutions to provide device encryption and mobile data management services for use by UCD staff users in areas managing sensitive data. 1.3 Change Control The Project Initiation Document will be approved on commencement of the project by the Project management group. Following this, an ongoing Project Plan will be maintained and updated to accommodate any minor changes that occur. Once the scope is agreed herein, any further changes to scope or major deviation from the proposed timeframes will be the subject of a change control procedure. Endpoint Security & Encryption- Project Initiation Document Page 3 of 10

2 Project Plan 2.1 Project Approach The project will proceed in three main phases- Phase 1: Preliminary market review of technology solutions from current UCD suppliers. Phase 2: Needs assessment and preliminary assessment of product feasibility with identified representative groups and units within UCD Administrative and Research Communities. A necessary consideration of the project is that though potential users of the service understand their requirements in terms of security, the usability of potential solutions and fitness for purpose is not usually clear from the outset. For this reason, the overall solution will be implemented following a prototyping methodology i.e. the project will deliver first cut solutions for small communities of representative users at the earliest opportunity, based on tested solution configuratiosn and then iterate around these to facilitate the development of services with strong deployment and support characteristics that also meet security requirements Existing platform solutions will be deployed where possible rather than the procurement of new solutions- in particular: a. Google Apps mobile will be used as a trial service for mobile device encryption and self-management services for both ios and Android platforms. b. Office 365 Intune services will be trialled for suitability as a data security management solution for rights-controlled document management in high assurance areas. c. Existing technologies (Apple Filevault, Windows Bitlocker and Truecrypt) will be supplemented by a centrally managed encryption solution to be selected via a suitable procurement process following the completion of Phase 1. Phase 3: Review of solutions with stakeholders and feasibility assessment for deployment The scope of the solution has been defined and on this basis, the project has been divided into three strands: (1) Research support strand. Deployment of services to support research groups with high assurance needs Endpoint Security & Encryption- Project Initiation Document Page 4 of 10

(2) Data Management support strand to improve the way that users can meet their own needs. (3) Analysis & Information Strand to improve the existing reporting which is available in relation to the recruitment of students with a particular focus on improving the international analysis of the information and improving the information available on preapplication prospective students. 2.2 Milestone Plan The following milestones, deliverables and target delivery dates have been defined for the project: Milestone Deliverable Responsibility Reviewers/ Approvers 0.1 Project Scope Defined 0.2 Project Initiation Document Approved 0.3 Summary of Requirements Identified 0.4 Communications Planned Project Scope Document (& Diagram) Project Initiation Document Summary Statement of Requirements Communications Plan 0.5 Solutions Defined Overall Solution Diagram Due Date Endpoint Security & Encryption- Project Initiation Document Page 5 of 10

3 Project Structure The project comprises a and a Steering Group. The Steering Group will agree project schedules, approve major deliverables and resolve any critical issues that arise during the lifetime of the project. The will manage the project on a daily basis and will report regularly to the Steering Group. 3.1 Roles & Responsibilities Role Responsibilities Names Steering group Ensure that the project direction is appropriate to the achievement of the ultimate objectives Review progress reports from the Project Team and determine actions needed to address deviations Provide guidance to the on high level principles to be complied with Review and approve deliverables Monitor and proactively manage risks as they arise. David Coughlan Ciara Acton Fred Clarke Mary Hogan (UCD legal\ Data Protection) Project Managers Prepare the Project Plans Determine resource requirements and ensure that appropriate resources are allocated Manage the project to ensure that the desired results are achieved within agreed time-scales Monitor progress and report on a regular basis to the Steering Group Prepare project deliverables and their presentation for approval Project team Conduct the tasks and activities of the project in accordance with the Project Plan Prepare the project deliverables by the agreed due dates Report progress to the Project Manager Elaine Timmons John Curran Elaine Timmons John Curran (other resources from Research IT, Customer support, Servers & storage, Web services as requested) Endpoint Security & Encryption- Project Initiation Document Page 6 of 10

3.2 Meetings The following are the scheduled project governance meetings: Team Attendees Frequency Project Steering Group Project Board Bi-Monthly as per schedule TBC Project team Project team Weekly or as required 4 Costs 4.1 Project costs: Pilot phase implementations of all technologies will have no new software licence requirements. Deployment of device encryption solutions for Windows clients will require a licensed solution. Support and deployment of the solution will require a number of test devices for use with the project as follows- these devices will also be required for testing on other operational projects e.g. eduroam update. PC based laptops for windows operating systems are expected to be available from IT Services loan services. Item Description Costs (approx.) Apple Macbook x1 Entry level macbook air for 1400 Filevault testing and documentation development for multiple OSX versions. ipad Mini x1 Entry level ipad for testing 300 and documentation development for multiple OSX versions. Android phones x2 Old (e.g. recovered from 200 IT Admin) and new SIMunlocked Android handset (Motorola Moto G or similar) Total 1900 Endpoint Security & Encryption- Project Initiation Document Page 7 of 10

Risks & Issues 4.2 Initial Risk & Issue Log The following project risks or issues have been identified on commencement of the project. These initial tasks to address these risks or issues are outlined. Risk / Issue Staff working on the project may not be able to commit the time necessary to meet the milestones arising from operational commitments. Technical solutions may not gain acceptance from users. Privacy implications of technologies (e.g. location aware technology) in use may limit acceptance among wider staff community. Identified solutions may not be deployable in a wider user base due to resource requirements associated with solution delivery. Probability H M L Impact H M L Actions to Mitigate Y Y Each phase of the project will be allocated, if necessary reducing scope (but based on prioritised requirements) to achieve timeline. Additional technical resources may be sourced externally. Y Y Close coordination of deployment with pilot groups to identify and resolve issues quickly. Y Y IT Services to propose appropriate policies for the use of such data within UCD. Y Y Solutions under consideration in most scenarios reflect a high ab initio feasibility for self management and deployment. Current experience with device encryption indicates that very little ongoing support is required for deployed systems. Responsibility Project team 4.3 Ongoing Management of Risks and Issues Endpoint Security & Encryption- Project Initiation Document Page 8 of 10

Any additional risks and issues identified will be maintained on an ongoing basis by the Project Manager in separate Risks and Issues logs. Endpoint Security & Encryption- Project Initiation Document Page 9 of 10

5 Stakeholder Plan The following table highlights the communication and interaction activities planned for each stakeholder group: Stakeholder Actions Responsibility Corporate & Legal affairs Communication Plan to be developed to co-incide with rollout of Recruitment Partner Portal Staff in Pilot Units Communication Plan to be developed to co-incide with rollout of pilot solutions though local champions, training, and web based resource materials. Project team Endpoint Security & Encryption- Project Initiation Document Page 10 of 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information