Chem Compute provides free access to computational chemistry software for undergraduate students and for researchers. This is done all without compiling, installing and maintaining software and hardware. Chem Compute also features Jupyter notebooks for students to do data analysis using Python.
Trusted CI partners with Science Gateways Community Institute (SGCI) on SGCI engagements that require cybersecurity expertise. The cybersecurity staff from Trusted CI engaged with Mark Perri from Chem Compute over a period of 2.5 months (May-July 2020) to review its security including servers, services and policies. Recommendations were made around the risks that were identified. The cybersecurity team also made some best practices recommendations for Chem Compute’s JupyterHub. Most of the best practices recommendations were made from the following sources:
https://jupyterhub.readthedocs.io/en/stable/reference/websecurity.html
https://jupyterhub.readthedocs.io/en/stable/getting-started/security-basics.html
We started the engagement with a kickoff meeting to get an overview of Chem Compute, how the systems are enabled/work and discussed the requirements and expectations from the engagement. Post that, the SGCI cybersecurity team set up weekly meetings amongst themselves to discuss and work on the project. The Cybersecurity team also scheduled meetings with Mark Perri as and when required to provide an update and get some inputs. The final product of the engagement was a 12-page security report containing specific recommendations on how to address the security gaps identified during the engagement.
Overall it was a successful engagement, thanks to Mark Perri’s valuable inputs with quick turnaround time.