The Secure Data Enclave (SDE) provides a secure cloud environment within Google Cloud (GC) for researchers who work with Level 3 Controlled Unclassified Information (CUI) and other data that require compliance with NIST SP 800-171. This environment provides pre-configured monitoring and logging, networks, and other security features that support compliance while allowing researchers to access storage and virtual machines (VMs) needed to do their work.
For more information about this service, click here: Secure Data Enclave (SDE) — Northwestern IT Research Computing and Data Services Northwestern University
Features
The following come standard with each GC SDE environment:
- Documented processes and procedures for using the environment
- Roles and permissions for separation of duties and least privilege to comply with NIST SP 800-171 requirements
- Linux Virtual machines (VMs) preconfigured for standard workloads, including data storage local to the VM
- Google Cloud Storage Buckets to store research data
- BigQuery Database services for large, structured data (optional)
- Networking infrastructure to accommodate importing and exporting data from the environment, as well as accessing code in an Enterprise GitHub repository
- Compliant workflows to import, analyze, and export data from the environment
- Monitoring & logging to comply with NIST SP 800-171 requirements
- Pre-installed software, libraries and packages (R, RStudio, Python, VS Code, JupyterLab, Libre Office). Additional software installed by request and pending approval from Northwestern’s Information Security Office
For a complete list of available software, see: Computational Resources (VMs) — Northwestern IT Research Computing and Data Services Northwestern University.
The GC SDE environment does not include:
- High-performance computing capabilities. If your research requires high-performance computing, an alternative solution to meet these compliance requirements is a Northwestern account on the Nightingale cluster hosted at National Center for Supercomputing Application (NCSA). For more information on NU@Nightingale, see Research Secure Data Enclave for HPC – NU@Nightingale
- The ability to run or support Windows and macOS based software
Eligibility Requirements
Use of a GC SDE environment for research purposes requires approvals from the Office of Research and Institutional Review Board (IRB).
Only the Principal Investigator (PI) may submit a request for an environment, and only Northwestern researchers with an active NetID and Northwestern-managed device are eligible. (External collaborators are not eligible to request or use this service; Northwestern researchers with personal devices are not eligible to use this service).
Before access to the GC SDE environment is granted, researchers must attest that the following requirements have been met:
Available to
Cost
Provisioning the GC infrastructure and service support are available to Northwestern researchers at no cost.
Cloud services operate on a pay-as-you-go model within the environment. Researchers are responsible for managing usage and associated costs and are only billed for what is used.
For more information on standard costs for available resources, see SDE Costs — Northwestern IT Research Computing and Data Services Northwestern University.
*Note that you will be billed for resources that remain active even if you are not using them, such as keeping a virtual machine running around the clock when it’s only being used during business hours.
How to Request Service
Click the “Request a Consultation” button to the right.
For general support, see Requesting Support — Northwestern IT Research Computing and Data Services Northwestern University.