The NCSU Office of Information Technology (OIT) knows that groups across the university want to use the agility, scalability, and advanced technologies that cloud services provide. OIT is developing a framework around governance, security, networking, and brokerage for these services at NCSU. The goal is to provide access to cloud computing services that include guardrails to comply with NCSU information security policies.
Why work with the Cloud Services & Support Team?
OIT brokered cloud offerings work with NCSU managed resources such as authentication, logging and networking and are vetted by the NCSU Security & Compliance (S&C) team.
The Cloud Services & Support team can also assist your group with discounts and credits from cloud vendors.
Available cloud providers
OIT currently offers brokerage services for Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
Guard Rails
Operating in the cloud presents new security and configuration challenges to the University. Working with the S&C , we have established a guiding set of Guardrails designed to prevent the most common configuration mistakes. These rules are detailed here.
Cloud Environment Request
Before you request an AWS, Azure or GCP environment, there are several questions that you will need to be prepared to answer.
Billing: The financial requirements for the cloud environment.
- Project ID
- Department/College Bookkeeper
Cloud Resource Roles: These roles identify the primary users that will configure and maintain the cloud environment. They include the following:
- Cloud Owner: The person is the individual that is primarily responsible for the use of this environment. Can also be referred to as the owner or sponsor of the environment.
- Technical Contact: The individual who is the primary support contact for system administration and support.
- Cloud Environment Administrators: Users with Unity IDs that will need privileged access to the Cloud Environment.
Data Classification: Indicates the sensitivity of the data that will be stored or processed in the cloud environment.
- Green
- Yellow
- Red
- Purple
Regulatory Requirements: Additional regulatory requirements required by sponsor and granting agency.
- FERPA
- PHI/HIPAA
- NIST 800-53
- NIST 800-171
- Other Requirements
Campus Connectivity: Whether the requested cloud environment will need network connectivity to the NCSU campus -- including internally routable (RFC1918) NCSU address space.
Cost of Service
- Cloud services use a “pay-as-you-go” model where you are charged for the services you utilize
- With the NCSU-provisioned access, OIT will centrally manage the billing and accounting for most GCP, AWS and Azure cloud environments
- Project IDs are needed for internal re-billing purposes
Brokered Cloud Features
Cloud Environments brokered through OIT will provide the following benefits.
- NCSU Managed Identity Access
- Connectivity to the NCSU Campus Network through a VPN connection (if needed).
- IP address/range management.
- Security & Compliance Oversight
- Centralized Logging
- Single Single on (MFA) integration
- Persona/Entra ID Integration for group management
- Domain Name Service (DNS)
- Centralized Billing and Management
- Budget Alerts
Technical Support
For support on new or existing cloud environments, please use the Cloud Environment Request to open a service request with the NCSU Cloud Services & Support Team.
Service Availability
Cloud resource availability is based on design and deployment of the cloud resource. The Cloud Services & Support Team can advise on designing a cloud environment with the appropriate level of resiliency.
Maintenance Schedule
The Cloud Services & Support Team will announce planned cloud maintenance windows as communicated from the respective cloud vendors through the NCSU OIT help portal and targeted emails and alerts.
Helpful Information
Cloud Login Links
Training
Cloud Training Resources are available for AWS, Azure and GCP through the NCSU LinkedIn Learning partnership.