UAB has contracted with DriveSavers to provide data recovery services for the UAB
community. DriveSavers is the only data recovery company in the industry that undergoes
annual SAS 70 Type II Audit Reports and is HIPAA compliant, offering the highest level of data
security available. DriveSavers is also compliant with FAR 52.224-2 (Privacy Act), ISO 17799,
Sarbanes-Oxley Act of 2002 (SOX), the US government Data-At-Rest (DAR) mandate, the
Gramm-Leach-Bliley Act (GLBA) and the new regulation by National Institute of Standards and
Technology, NIST SP 800.34 (Rev. 1).
To view DriveSavers certifications, and learn more about Data Recovery Industry standards,
There are many wall jacks with data (network) ports installed throughout UAB buildings. Usually, the only ports that are active are those in use; other ports are de-activated. How can you tell?
What if suspect your network port has developed a problem of some sort?
To check whether the port has been activated and is working:
- Send a message to AskIT@UAB.EDUcontaining the
- Room Number
- Jack Number (it is written on the face plate)
- Port position number (If there are two DATA ports, the one on the left is D1 and the one on the right is D2. If there are four DATA ports, D1 is the upper left, D2 is upper right, D3 is lower left, D4 is lower right).
AskIT will check to determine if the port is activated and whether it appears to be working correctly. If the port shows as active but does not work correctly, either AskIT (or you) can dispatch a technician to fix it by calling 4-7777.
Every unit at UAB with devices connected to the UAB campus network should have a "network contact" person, even if there is no department server or local area network. At least one person within your department should be designated to be responsible for communicating your requests to DC/NS, and for assisting network users with basic configuration, software installation, computer training, and problem solving.
- Each department or unit at UAB should have an officially designated "network contact" person.
- The dean, chairman or director designates who is to serve as "network contact" for your unit. The dean, chairman or director should send either a written memo or an e-mail message to firstname.lastname@example.org indicating who is to be considered the official contact person.
- Data Communications / Network Services (DC/NS) recommends that the contact person be a trained computer professional.
- If the "network contact" person is not a UAB employee, the department should additionally designate a contact person who is a UAB employee.
- The "network contact" person should have access to a UAB e-mail account (hostname ends in uab.edu). All requests to DC/NS must be submitted via e-mail (email@example.com), and for security reasons these must originate from a server registered through DC/NS.
- When there is a change in personnel or responsibilities within your department, DC/NS should be notified. The previous "network contact" may send a message to firstname.lastname@example.org introducing the new person. If no replacement arrives before the old person departs, the last "network contact" should hand this function to their supervisor or other person in the department, who will then hand the job to the replacement person when they arrive. IP records, and any other records, should be turned in to the department for safekeeping.
- If the "network contact" left UAB without notifying DC/NS, the dean, director or department head should contact DC/NS with the name of the replacement contact person.
- Manage a block of IP (internet protocol) numbers given to the department by DC/NS, and maintain records of the location for each IP number used. Requests for new IP numbers should be submitted by e-mail to mailto:email@example.com?subject=Request new IP numbers
- Request registration of host names in the UAB DNS (domain name service). Requests for DNS registration should be submitted via e-mail to firstname.lastname@example.org
- Communicate network problems to DC/NS, and assist in trouble-shooting and problem resolution. Please call 4-3540 to report network communications problems, and call 4-7777 to report network wiring problems. You may also report problems via web interface.
- Request and properly configure other net-wide addressing, such as Novell server names and addresses, and Appletalk zone numbers and names. Net-wide addressing requests should be submitted via e-mail to email@example.com
- Coordinate equipment installation and relocation with DC/NS.
A domain name such as the one described above is called a third-level domain name. There is a $500 one-time fee for creating new third-level domains. There is no additional charge for registering names within the domain once it is set up. Third-level domain names should be requested by the department network contact.
Please send requests for third-level domain names to UserServices@uab.edu and include an FAS account number to bill. register the name.
Faculty, staff and students who are involved in professional, academic, or student-social organizations are sometimes interested in hosting a web site for their group and want to use a domain name that does not end in uab.edu.
UAB cannot provide DNS (Domain Name) service for domains other than uab.edu. However, what we can do is register an on-campus server with a uab.edu name, and then you can arrange for an outside Internet Service Provider (ISP) to provide the name www.alabama_engineers.org and point it to your UAB server. The end result is that someone who types the URL www.alabama_engineers.org into their web browser will be taken to the organization's home page, which may happen to be sitting on a computer housed at UAB. Most ISP's charge a small fee for providing you with this service.
Contact the UAB Web Center for further details about this type of arrangement.
- Isolate the device
Make sure the system is disconnected from the network. This is to protect UAB from any additional impact from the incident.
Determine the affected data.
Confirm whether or not sensitive data was housed on the compromised device. This includes employee, student, patient, or research data. Determine if any sensitive data was inappropriately accessed. If so, immediately escalate to both your local management and the UAB Data Security (https://silo.dso.uab.edu/incident or call 205-975-0842).
If sensitive data is at risk, do not perform additional activity until you have spoken with Data Security.
- Perform Root Cause Analysis
Establish the reason that the system was exploited. Ask yourself these questions:
- Did an end user install something harmful?
- Was it caused by a weak password?
- Was the system missing a patch?
- Remediate the issue
The best way to restore a compromised machine is frofm a trusted backup or to do a clean installation. Even what used to be routine virus infections have become so advanced that we cannot trust a system once it's been infected.
Perform password changes for end users and any administrators that may have used the system as well. This includes BlazerIDs and other accounts such as websites that were accessed from the compromised machines. Local Administrator passwords should also be changed.
- Reconnect to the network
Once the system has been properly remediated, UAB Data Security, in conjunction with the HIPAA Security Office, will reconnect the machine to the network. This process can take up to 24 hours after the initial request.
If you receive a notice saying the machine was compromised, the best way to get reconnected is to reply to that email.
Otherwise, Please call 205-975-0842 or email DataSecurity@uab.edu for assistance.
No. Each person needs to create their own