Toward provisionning

One important aspect of Software usage is the targeted use:

• the importance of it and of its data: if it is main output of a project, if it is patient-related data, …

• the scope of usage: for local users only, for the public, for the founding members, for the time of the project, for X years,

• and the variety of usage: consultation only, API usage, export using standardised data, …

All that has a great influence on the provisionning needed, for needed persons:

• critical data might need the involvement of a cybersecurity engineer,

• personal data (about persons) might need a data protection specialist or some compliance assessments,

• Software that need to run after the end of the project might need a dedicated sys-admin for the planned time,

• Specific Data usage might need a Software Engineer to adapt, prepare and explain,

But also for needed technical solution:

• A physical server or a Cloud to host the Software, its data and backups,

• Some extra Software such as an Identity Server, so that users are centrally managed,

• A regular backup,

• A monitoring of the logs (access logs, software logs, …) for ** or attacks, an unknown anomaly could be the result of an attack,

• A monitoring of the installed ressources, to be sure there was no malicious tinckering,

• Set-up of automatic updates,

• Authorized-lists and Nonauthorized-lists, Firewall rules,

• Audit of security,