Skip to main content

Policies

Go Search
Home
  
Policies > Wiki Pages > Systems Administration Security  

Systems Administration Security

Purpose:

System security will degrade over time unless knowledgeable personnel are dedicated to its maintenance.

 

 

 

Statement:

Worcester State data system administration security practices must ensure that all Worcester State information systems are in a known, secure state and information resources are protected.

 

 

 

Description:

Administrators must maintain tables, diagrams and other records of baseline system and security configuration, and any configuration changes for all hardware and software system components. All information listed below must be maintained in multiple protected locations to guarantee its availability when needed, while preventing its disclosure to all but authorized personnel.
 
Documentation requirements may include:
 
  • Security configuration for operating systems, client/server, legacy and standalone applications, infrastructure equipment (router, switch, premise), and security servers (firewall, PKI, intrusion detection, authentication server, etc.).
  • Contact information (name, address, phone, pager, e-mail, service/product/expertise, etc.) for all employees and organizations that may contribute to system support. This includes data system administrators, managers, communications service providers, expert consultants, maintenance and technical support contractors and equipment and software vendors.
  • Special information; such as student identification (ID) number; Personal Identification Number (PIN); circuit, port, and account numbers, etc., that may be needed when contacting support personnel.

 

 

 

Additional Information:

 

 

Approved By: Don Vescio

 

 

Date of Origination: 5/11/2008

 

 

Last modified at 7/2/2009 7:53 PM  by Vescio, Donald