Here are three entries from my daily log. They describe a security problem that was eventually solved.

July 8, 2002

Today we received more documents from Ken Johnson of the National Park Service (Shenandoah). Once put into Synthesis these documents will be used as an example for law enforcement officials. The nature of these documents is sensitive due to the fact that they deal with actual criminal cases. They are not classified documents, but they contain personal information. This brings up a major security issue. The documents are not to be accessible to anyone but Synthesis staff. Our lab is a shared lab, so having the files accessible only to us is essential. This also raises a security issue for my Management Information System. I will also be storing personal information. We need to find a way to secure both Synthesis and the MIS.

July 15, 2002

Dr. Frysinger, Keith, and I have discussed the security issues and made some progress in solving the problem. The computers in the labs were originally set up with two partitions. At the moment the second partition is not being used. We can format the other partition and use it for Synthesis purposes only. This partition will need to be secured with some sort of password protection. To do so we will need to contact the ITS department and ask for help setting it up.

July 24, 2002

Forest from the ITS department joined our weekly staff meeting and we discussed how to secure the drives. Forest was able to set up a user domain in Windows 2000 that would allow us to have a Synthesis network login. This login only allows the synthesis user to access the second partition. If I store the database for the MIS on one of these drives then only Synthesis users will be able to access it. This should be sufficient security for the MIS and Synthesis.