Departmental Network/Security Contact (NSC) Description and Responsibilities:
An NSC is a departmental employee who acts as a liaison and conduit for timely and relevant information flow between central networking and computer security personnel and the departments on campus. The following list describes the responsibilities of the NSC.
- Each department may elect up to 2 contacts: one primary and one secondary, to support the department, regardless of the number of staff and equipment location(s).
- The NSC will be the designated recipient of security scanning activity reports for departmental computer systems, when directed scans are initiated by the Information Security and Policy Office. System administrators requesting scans will be the recipient of reports; however they will be available to the NSC upon request.
- The NSC may request computer system security scans on behalf of their department for any systems which are installed and administered by the department.
- The NSC will be the recipient of network alerts, outage notifications, or other networking issues affecting the department, for all locations where equipment and staff are housed. The NSC is responsible for disseminating (forwarding or alerting) this information to all appropriate departmental staff in a timely manner.
- The NSC is a starting point for department staff's network and/or security questions. The NSC should work with the ITS Help Desk and/or the Information Security and Policy Office when security questions arise.
- The NSC is the initial contact point for UI Security/Computer Incident Response coordination.
- The NSC is expected to attend security seminars (policy, awareness, and/or technical) as they are offered.
- The NSC must be permanent university staff employed at least 50% time by the department.
- The NSC will be included in electronic mailing lists as needed (such as building NSC lists and a campus NSC list) to accommodate relevant, timely information flow. These lists will be administered centrally, and will be used for alerts and schedules from central network engineering and security engineering personnel.
- Smaller departments, or departments that do not employ IT staff, are encouraged to designate NSC contacts at a higher organizational level, such as their college or to administrative/business offices organizational level. This is discretionary, but contacts must be known and in place. For the UIHC, Healthcare Information Systems designates staff to serve the NSC role.
- An online form is available to request NSC changes, due to employee turnover, changed responsibilities, and the like, visit: http://itsecurity.uiowa.edu/incidents/request-change-departmental-nsc-information to request those changes. Because it is important to keep this information up-to-date, contacts will be validated periodically by the Security Office to ensure reliable information.
Go to https://iowa.sharepoint.com/sites/nsc to search for a Network Security Contact