This document sets out the scope for eduGAIN Incident Response Coordination, which will be piloted from 1 July 2018 - 31 July 2019. eduGAIN Incident Response coordination will be supported by edugain-support and a dedicated team of incident response experts.
A. Put in place team
| Requirements | Status | Responsible |
|---|
| A1. | Define support team For the pilot, a team of between 3 - 4 incident response experts will be identified drawing people from the GÉANT Association, the GÉANT project and the community.
| | Ann / Nicole |
B. Put in place service parameters
| Requirements | Status | Responsible |
|---|
| B1. | Scope |
|
|
| B2. | Hours and response times |
|
|
| B3. | Supported users |
|
|
C. Define workflow for team response.
| Requirements |
|
|---|
| C1. | global identifier for each incident |
|
| C2. | incident type classification |
|
| C3. | recognizing and escalating a security ticket |
|
| C4. | ensuring the right people are added to communication chain |
|
| C5. | supporting move to a secure channel |
|
| C6. | supporting post incident communications and reporting |
|
| Requirements |
|
|---|
| D1. | Secure communication channel |
|
| D2. | Sirtfi responsiveness testing |
|
| D3. | Sirtfi error checking |
|
E. Ensure eduGAIN policy and supporting templates are in place.
| Requirements |
|
|---|
| E1. | Sirtfi as an eduGAIN BCP |
|
| E2. |
|
|
| E3. | Disclosure policy |
|
F. Implement support for testing.
| Requirements |
|
|---|
| F1. | Work with end-users on small test cases |
|
| F2. | Participate in larger-scale incident testing |
|
