BRC Cluster Workshop

Some cluster users may have data that is classified as sensitive (e.g. data from dbGaP). Extra care should be taken with this data to prevent unauthorized access.

One way in which this type of data can be protected is by only storing it on encrypted disk volumes. Currently, of the cluster disk volumes, only /home6 is encrypted “at rest” (i.e. all the data is encrypted before being written to disk and decrypted when read). This encryption protects against the server being stolen, or being improperly disposed of (with the disks and data intact) at some point in the future. The backup volume to which the data on /home6 is copied is also encrypted.

If you have a project that includes the use of sensitive data please talk to the system administrators to see whether you should store that data on /home6, or have your entire home directory moved to /home6.

If you have sensitive data you should ensure that your home directory, or the directories containing the sensitive data are not world readable.