Storage and Data Security

Calcul Québec enforces strict rules regarding the security of its facilities and the confidentiality of the data stored on the premises. The basic principles for the management of our infrastructure are:

User Accounts

  • User accounts are valid for a period of one year and are automatically deactivated upon expiry.
  • Accounts can be closed before expiration upon request, with certification of complete destruction of data.
  • Infrastructure is under continuous review in order to detect intrusions and abnormal behavior.
  • Suspected misuse causes account deactivation.

Access to Resources

  • Connections are made to front-end servers, via ssh encrypted connections. Compute servers and storage are not visible from the outside.
  • The facilities are located in rooms reserved for HPC and physical access to facilities is restricted to authorized personnel.

Data Security

  • Each server is protected by a firewall or ACLs (access control list) depending on the level of exposure.
  • Data is stored on shared infrastructure where the user is responsible for securing data (read and write rights, encryption). Tools include Linux access controls and ACLs, available on the filesystem.
  • Externally exposed data is encrypted during transfer.

Additional Security

  • The level of security can be enhanced by temporarily isolating certain elements.

Some private sector partners already use our infrastructure and the tools to meet their security needs have been put in place.

For more information or special requests, contact us: