Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This is where you should include a description of what your NREN, project or institute does.

This table is for information that may be helpful to include. Any information may be added as you wish, anything you wish to PUBLICLY share with others.

Irrelevant ones may be removed.

Lines may be duplicated to refer to multiple documents.

E.g. you may provide a link to a list of policy documents, or you may provide several lines with links to various policy documents.

You may include any text/explanations you wish.  Please don't include anything here that may be of use to an attacker.

...

Name of NREN/Project/InstituteExample Project Institute Homepage
 General OverviewLink to Intranet for Public link for this project or NREN
 Emergency  Security Emergency contact

 How How to contact in an emergency

E.g. E-mail(s) or link to instructions

How  How to Report report a security incident 
 RFC 2350 
security incident Incident reporting e-mail(s) preferably, and/or links to instructions
RFC 2350

 Link to relevant public document if you have one,

or who to contact

Security officer individual e-mail if you wish, some make public, some don't
Data Protection Officer (GDPR)
Hosting Organisation 
Who is in charge of the NREN/Project Could include deputies
ISMLink to ISM for this project, or person to contact if not public
Policy Documents (incl. AUP)Link to policy docs for this project, or person to contact if not public
Software Vulnerability handlingLink to procedure/web, or who to contact
Security MonitoringLink to security monitoring information, if present, or who to contact
Other incident PreventionAny other incident prevention work
Incident handlingIncident handling procedure - if public, if not who to contact
Any other contact informationAs you wishContact information
Compliance with standards Hosting organisationStandards complied with, including
 ipv4/ipv6 prefixes (more suitable for NRENs or sites than very dist. infrastructures)
identity Identity information   Data
protection officer Authorization information 
 Links to blogs, reports, anything you wish. 
 Security officer individual e-mail if you wish, some make public, some don't
 Other function Other functions 
 Individual members (as you wish)
 Projects people work on (if you wish)
People's expertise