1 Information Technology Services in UB Owned, Controlled and Managed Space Category: Information Technology Date Established: 5/2/2014 Responsible Office: VPCIO Date Last Revised: 8/14/2014 Responsible Executive: Vice President and Chief Information Officer Date Posted to Library: 8/15/2014 Summary This policy provides the principles for which Internet connectivity, telephone, network device attachment and workstation support services will be provided to UB faculty, staff and departments within UB owned, controlled and managed spaces. Policy POLICY STATEMENT In the normal course of their duties and responsibilities, persons appointed as faculty or staff who are located within UB owned, controlled or managed space can expect to have basic Information Technology (IT) services provided through the university. This document provides the principles for which IT services will be provided and under what circumstances. In addition, this document provides detail on how the same services will be provided to non-ub people or departments, if at all. Each IT services is describe separately. Workstation Support UB employees: faculty and staff located in UB space that have an appointment in a UB department, will have their workstation support provided by their departmental UB IT Support. Non-UB personnel or Non-UB departments: persons or departments not formally affiliated with the University located within UB space must provide their own workstation support, or contract with an outside vendor. The Non-UB department must identify a Principle IT Contact that will be responsible to ensure that all devices attached to the network satisfy the following requirements: o Devices must have an authorized fixed IP address or be appropriately registered for DHCP. The Principle IT Contact will work with the appropriate person within the VPCIO organization to register all devices prior to them being placed on the network o Devices must be configured to run a supported version of an operating system for which patches for newly identified security breaches are developed and distributed in a timely manner o Devices must be configured in such a way that known vulnerabilities such as open FTP ports and open relays are eliminated or minimized o Devices must be maintained in such a way that patches which close known security breaches are applied as soon as they become available o Devices must have antivirus software installed on it that runs continuously and is updated regularly o Devices must be scanned and determined to be free of viruses and other known compromises that may have been introduced to its operating environment
2 TITLE OF POLICY PAGE 2 OF 5 o Devices must have installed firewalls that run continuously whenever possible and practical. In the event that a device is identified as being compromised, the VPCIO organization retains the right to immediately suspend the network connection to that compromised device, and the Principle IT Contact will be informed of the suspension as soon as possible after the action is taken. The Principle IT Contact is responsible to ensure that the compromised machine is not reconnected to the network until the device is properly secured Telephone Service Participating UB Department: UB IT Support will provide telephone services (VoIP) to participating departments. Departments are responsible for any costs associated with the purchase and installation of the new telephony equipment, if the costs are not included in a move, rehab or project budget. UB reserves the right to collect additional funding from participating UB departments to maintain phone service in the future. Non-participating UB Department: UB IT Support will provide telephone services (VoIP) to non-participating UB departments, however, the department is responsible for any costs associated with purchase, installation and monthly service charges. Non-UB departments: UB will not provide telephone service to non-ub departments. Telephone service must be procured independently from a third party Voice over IP (VoIP) provider. Connectivity to the Public Switched Telephone Network (PSTN) via a third party VoIP provider will be facilitated over the University provided data network and Internet connection via IP. Neither participating nor non-participating UB departments are authorized to contract with outside vendors for the provision of telephone services without prior approval by UB IT Support. UB IT support will take the lead in determining whether outside vendors would best meet the department s telephony needs. Campus Network UB Employees: faculty and staff located in UB space are eligible to receive campus network (Internet) services. UB departments are responsible for the costs of cabling and data switch equipment required providing connectivity from the nearest telecommunications room to the designated outlet location. Non-UB personnel or Non-UB departments: persons or departments not formally affiliated with the University located within UB space may be provided campus network (Internet) services by UB IT support for per-port installation and monthly usage fees. All inter-room network installations must be in compliance with University standards and will be administered and maintained by UB IT Support. UB will take the lead in determining whether outside vendors would best meet campus network (Internet) service needs. Neither UB nor non-ub departments are authorized to contract with outside vendors for the provision of campus network (Internet) services without prior approval by UB IT Support.
3 TITLE OF POLICY PAGE 3 OF 5 Campus Network-Connected Devices UB Departments: All devices connected to the campus network (Internet) must comply with the UB Network Connection Policy. Non-UB Departments: All network-connected devices must be located within the non-ub department s space. The networking implementation for these devices must be discussed with Network and Classroom Services prior to installation and implementation. All devices connected to the campus network (Internet) must comply with the UB Network Connection Policy. DEFINITIONS Network connected devices any Internet capable device that can be attached to the campus network for the purpose of interacting with other devices and services. Typically this connection is through wired Ethernet, but may be extended to include Wi-Fi, Bluetooth or cellular connectivity when necessary. Devices include servers, workstations, workgroup printers, cloud drives, virtual desktop appliances, media devices, gaming consoles, tablets, smartphones, and controllers. Non-participating UB Department UB operating unit that did not participate in the 2005/06 permanent transfer of unit funding that was based on the number of active phone lines either by choice or circumstance. Non-UB Department a public entity, private not-for profit entity, private educational entity, private affiliated entity, or private business located in UB space. Participating UB Department a UB operating unit that participating in the 2005/06 permanent transfer of unit funding that was based on the number of active phone lines at that time and previously billed annual telephone charges. The permanent transfer was done to pay for the telephone system conversion to VoIP technology. Departments may not be included in the participating group retroactively. Principle IT Contact person identified by the administrative head of a Non-UB department will be the contact regarding IT support and services for the Non-UB department. UB Department - an official operating unit at the University at Buffalo, directly supported through UB funding sources. UB Departments are recognized in the entity/hierarchy system of record. UB Employee any person with a current official appointment at the University at Buffalo, including faculty, staff, adjunct faculty, volunteers, and contract staff. UB IT Support any of the UB organizational units that provide information technology services to UB departments and employees. UB IT Support comprises the divisions of Computing and Information Technology, and all the distributed IT Support organizations located throughout schools, departments and divisions. Local UB IT Support refers to the IT support organization that is chiefly present in a particular location or responsibility area.
4 TITLE OF POLICY PAGE 4 OF 5 UB Space buildings, structures and their surrounding area that is either owned, controlled or managed by the University at Buffalo. Workstation a computing device such as a desktop, laptop or notebook computer typically assigned to a particular individual, role or location. RESPONSIBILITY Vice President and Chief Information Officer (UB IT) Establish and maintain this policy Provide the aforementioned IT services within UB Spaces according to service level statements. Coordinate workstation support within various campus locations with distributed IT support organizations Handle customer requests for new service, modifications, etc. Project leadership with integrating outside vendors with extant university IT infrastructure UB Departments Request IT services according to procedures outlined at Fund fee for service when appropriate UB Employees Ensure personal devices connected to the campus network conform to UB s Network Connection Policy Adhere to UB s Computer and Network Use policy for appropriate use of information technology resources and services Contact Information Office of the Vice President and Chief Information Officer University at Buffalo 517 Capen Hall North Campus Related Information University Documents: UB Network Connection Policy UB Computer and Network Acceptable Use Policy Related Links:
5 TITLE OF POLICY PAGE 5 OF 5 UB Cost of IT Services Vice Presidential Approval J. Brice Bible August 15, 2014 J. Brice Bible, Vice President and Chief Information Officer Date
Knowledge Management and Information Technology (KMIT) Health Sciences Center Information Technology Standards for Users Updated and Approved by the KMIT Operations Council September 9, 2013 1.0 Introduction
Delgado Community College Information Technology Security Policy Approved: *November 5, 2010 ) Delgado Community College IT Security Policy Page 2 *November 5, 2010 Table of Contents Title Page 1.0 Introduction
Hamilton College Administrative Information Systems Security Policy and Procedures Approved by the IT Committee (December 2004) Table of Contents Summary... 3 Overview... 4 Definition of Administrative
1.0 BACKGROUND AND PURPOSE Information Technology ( IT ) includes a vast and growing array of computing, electronic and voice communications facilities and services. At the Colorado School of Mines ( Mines
ITS Service Level Agreement (SLA) Administrative Office, 116 Reed Library, ext. 4670 Table of Contents General Information Privacy Statement Scope Agreement Period Customer Service Statement Customer Responsibilities
FIRST Site Visit Requirements and Assessment Document originally produced by CERT Program at the Software Engineering Institute at Carnegie Mellon University And Cisco Systems PSIRT Revision When Who What
University of Georgia Telecommunications Policy for Wireless Devices/Cellular Telephones, Long Distance Usage, and Home/Off Campus Internet Access BACKGROUND OPB Policy Memorandum No. 4 (Revision 8) effective
Employee Service Level Agreement 1.0 Purpose 2.0 Term and Scope of Agreement 3.0 Scope of Service 3.1 Support Environment 3.2 Local Computer Administrative Privileges 4.0 Support Response Levels 4.1 Exceptions
Harvard Medical School Information Security Policy Contents: I. Access Control... 4 II. Fixed Password Management... 4 III. Third Party Disclosures... 5 IV. Dissemination of Information... 5 V. Establishing
Marist College Information Security Policy February 2005 INTRODUCTION... 3 PURPOSE OF INFORMATION SECURITY POLICY... 3 INFORMATION SECURITY - DEFINITION... 4 APPLICABILITY... 4 ROLES AND RESPONSIBILITIES...
Forest Hills Local School District REQUEST FOR PROPOSAL HOSTED VOIP SOLUTION E-Rate Program Eligible PART 1--GENERAL 1.1 SUMMARY A. Forest Hills Local School District is requesting proposals from qualified
Security Standard The security and risk management baseline for the lottery sector worldwide Updated by the WLA Security and Risk Management Committee V1.0, November 2006 The WLA Security Standard is the
School of Anthropology and Museum Ethnography & School of Interdisciplinary Area Studies Information Security Policy Page 1 of 10 Contents 1 Preamble...3 2 Purpose...3 3 Scope...3 4 Roles and responsibilities...3
VIRGINIA DEPARTMENT OF MOTOR VEHICLES SECURITY ARCHITECTURE POLICY 03/27/09 Version Approved April 30, 2009 Approval of Enterprise Security Architecture Policy (03/27/2009 Version) Douglas G. Mack IT Security
Policy & Procedures Help Desk Service Level Agreement (SLA), Rossey Hall, Room 058, Ext. 4357 TABLE OF CONTENTS Scope...1 Customer Service Statement...1 Help Desk Services...2 Hours of Operation...2 Methods
Checklist to Assess Security in IT Contracts Federal Agencies that outsource or contract IT services or solutions must determine if security is adequate in existing and new contracts. Executive Summary
South Texas College Cellular Telephone Use Guidelines Purpose The purpose of this document is to provide uniform guidelines to College employees regarding the acquisition, use, and payment of College owned
U. S. Department of Justice Federal Bureau of Investigation Criminal Justice Information Services Division Criminal Justice Information Services (CJIS) Security Policy Version 5.3 Prepared by: CJIS Information
NETWORK SECURITY GUIDELINES VIRUS PROTECTION STANDARDS All networked computers and networked laptop computers are protected by GST BOCES or district standard anti-virus protection software. The anti-virus
Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that
Internet & Cell Phone Usage Policy The Internet usage Policy applies to all Internet & Cell phone users (individuals working for the company, including permanent full-time and part-time employees, contract
Poplar Street Primary School ICT Security and Acceptable Use Policy E-Safety policy 2013/14 Working Together Aiming High! 1 Contents 1. Introduction... 3 2. Policy Objectives... 3 3. Application... 3 4.
Information Technology Policies and Procedures Wakulla County School District March 2014 Table of contents TABLE OF CONTENTS... 1 1.0 OVERVIEW... 2 2.0 PURPOSE... 2 3.0 SCOPE... 2 4.0 ACCEPTABLE USE POLICY...
Executive Summary FLORIDA DEPARTMENT OF EDUCATION On September 23, 2013, following the Governor's Education Summit, Governor Rick Scott released an Executive Order announcing a plan for policy improvements