PENN STATE DATA CENTERS POLICY IMPLEMENTATION AND PROCEDURES MANUAL
|
|
- Denis Harrington
- 8 years ago
- Views:
Transcription
1 PENN STATE DATA CENTERS POLICY IMPLEMENTATION AND PROCEDURES MANUAL Page 1 of 19
2 Contents Data Center Access Control... 3 Access Authorization Procedure... 6 Visitor and Vendor Access... 8 Equipment Ordering and Hosting Network Access Equipment Lifecycle and Disposal Capacity Management Appendix: Service Level Agreement Appendix: Sign In Sheet Page 2 of 19
3 Purpose Data Center Access Control This policy sets requirements to govern physical access control to secured areas which house University equipment in the multiple data centers supporting Penn State IT infrastructure. Such equipment includes but is not limited to: servers, networking equipment, central storage, Voice over Internet Protocol (VOIP) and telephone equipment, and other critical systems. Policy GENERAL INFORMATION 1. The Penn State Data Centers will be locked at all times. 2. Authorized persons will be granted unescorted access. a. Authorized persons are building occupants and those that have valid card access to Data Center offices and conference rooms. b. Authorized persons also include those having card sign out authorization into Data Center secure areas. c. Authorized status may be granted to customers, Penn State Information Technology Services (ITS) staff, and long-term contracting or vendor personnel. d. Authorized status is granted at the discretion of the Director of Data Centers or their designee. 3. Visitor status may be granted to Penn State employees requiring temporary access to Data Center offices or conference rooms. 4. Visitor Escort Required status may be granted to persons not employed by Penn State requiring temporary access to Data Center offices or conference rooms or non- Authorized persons needing access to Data Center secure areas. a. Authorized personnel must approve and be responsible for all visitors. b. The visitor must obtain and display a Visitor Escort Required badge at all times. 5. No temporary access card is to be signed out for more than 8 hours. 6. Physical keys are not to be used unless the card swipe is down. Use of a physical key will trigger a forced entry investigation. Access cards are to be used with the card Page 3 of 19
4 BUILDING OCCUPANTS AND AUTHORIZED PERSONNEL 1. PSU ID or Visitor badge MUST be displayed at all times. 2. Access to the building will be via the Main entrance located at the corner of Bigler and Curtin roads (Northeast side of building). The accessible entrance is located at the Northwest side of the building across from the Creamery. 3. The loading dock will be utilized for deliveries and repair vehicle access only. 4. If an Authorized person does not have their card, a temporary office and conference room access card can be checked out with the Operations Center. a. Photo ID is required to check out a temporary access card. b. The temporary access card must be returned to the Operations Center at the end of the employee s shift. Access Management 1. All visitors entering data center facilities are required to sign in and out. 2. Readers must be used for all doors 3. All Data Center locations are secured with electronic locks requiring ID cards for access and are monitored by camera 4. Unsupervised access will be granted to authorized personnel only a. Tailgating or following an authorized person into the data center, even if all persons are authorized, is strongly discouraged. b. Authorized personnel are required to check that the door has locked behind them when entering the data center. Facility Hours 1. Data Center locations may be accessed 24 hours per day for those with authorized access privileges. 2. Normal hours of operation for buildings with Data Center facilities are from 8:00am to 5:00pm. Facility Cleanliness 1. The data centers must be kept clean and free from packaging materials at all times. This includes but is not limited to cardboard boxing materials, bags, foam peanuts, or other filler materials. Page 4 of 19
5 2. Room 125 is a designated receiving area and to be utilized to unbox and dispose of packaging materials. Once the packaging material is removed and all cardboard is discarded, the equipment to be moved into the data center may be moved to its final location or may be stored/staged inside our caged area inside room If accessories such as keyboards, cabling, hard drives, etc. are to be installed at a later time, a plastic bin will be provided to hold these devices prior to installation. 4. If there are any questions regarding facility cleanliness, unboxing equipment or storage/staging, please consult with the data center facilities representatives located in room 201 of the Computer Building. Or send an to dcfacilites@dc.psu.edu. Page 5 of 19
6 Purpose Access Authorization Procedure A significant cause of data center failure is the presence of unauthorized or unmonitored personnel obtaining access to critical facilities. This process supports the goal of securing access to data center facilities for trusted individuals only. Policy Access to data center facilities will be granted only to those personnel with direct responsibilities for servicing and life cycling data center equipment. Procedures Obtaining Data Center Access 1. All candidates for access to University Data Centers are required to have a Penn State Access Account and identification card. Individuals considered for access who do not already possess Access Accounts must obtain them by visiting the Accounts Office. Exceptions will only occur at the request of the Data Center Director. a. Individuals requiring authorization for limited and predetermined periods of time, such as vendor representatives, will be granted Escort Required Visitor access ID valid for the necessary time period only. 2. IT Directors in the candidate s administrative unit will submit a request to Data Center Management on behalf of the candidate individual. The request should include the following information about the candidate: a. Name, position, department, and ID number b. Reason access is necessary c. Equipment with which the individual will interact 3. Data Center staff will follow up promptly with further instructions or decisions regarding access requests. Page 6 of 19
7 Authorization Check 1. A check is run weekly that compares those authorized to enter the data center against the University directory. Any change in status generates an error report and the person's access is removed pending verification. This includes termination, change in department or level of employment. 2. If a change in status is recorded the individual account is verified by sending an to the director of the associated work unit and action to terminate or continue access is then determined. 3. A biannual audit will be performed by ing the director of each IT unit along with providing a list of current authorized personnel. The IT director will verify and/or make any appropriate changes to the list. Page 7 of 19
8 Purpose Visitor and Vendor Access This elaborates on Data Center Access Control. Procedures PSU EMPLOYEES 1. PSU employees visiting a Data Center building must show PSU ID and sign in at the Operations Center. 2. PSU employees will be issued a "Visitor" badge which must be displayed at all times. 3. The Visitor badge will allow access to offices and conference rooms. 4. "Visitor" badges must be returned before leaving the building. VISITORS 1. An Authorized representative must be available to sign in all visitors. Each meeting visitor must be signed in. 2. Visitors will be signed in at the Operations Center and given a "Visitor Escort Required" badge. 3. There may be instances where badges will need to be signed out for longer periods. The period may be extended by request of the Authorized person responsible for escort. 4. The Visitor Escort Required badge is for identification purposes only, and will have no door access associated with them. DATA CENTER WHITE SPACE AUTHORIZED PERSONNEL 1. Verification a) PSU or vendor ID will be required to verify access. b) Verified personnel will be given a temporary access card with the appropriate clearances. 2. Authorized personnel are required to sign in a visitor. a) Individuals will be signed in at the Operations Center. Page 8 of 19
9 DELIVERIES b) A Visitor Escort Required badge will be issued. c) The visitor must be escorted at all times within the White Space. d) Visitor approval is only good for a single entry. 1. The loading dock A/I phone will be used to request access by delivery personnel without an access card. 2. During business hours a) Operations Center staff will temporarily unlock the door via the master console. b) Deliveries will be received by the Staff Assistants in 229 or the Data Center staff. 3. After hours a) The Operations Center should be notified of all after hour deliveries prior to the time of delivery. b) Persons delivering to the building after hours should be directed to the main building entrance. c) Large deliveries requiring use of the dock should be scheduled with the Data Center staff. PHYSICAL PLANT 1. During Business Hours a) OPP employees must present a Work Order to the Operations Center. b) The Work Order number will be noted in the sign in record when the Work Order number becomes available. c) A temporary access card will be issued to the specific areas needed. d) A limited number of Area 5 employees will be pre-authorized 2. After Hours a) Requires a phone call from the Service Desk to the Operations Center stating the emergency. The Operations Center phone number is b) The Work Order number will be noted in the sign in record when the Work Order number becomes available. c) A temporary access card will be issued to the specific areas needed. SHIELDS BUILDING 1. All access to the Shields Building Data Center will follow the same procedures as the Computer Building Data Center. Page 9 of 19
10 2. Temporary access cards will be issued by the Operations Center staff at the Computer Building. Page 10 of 19
11 Purpose Equipment Ordering and Hosting This process outlines the procedure by which a customer requests data center space, equipment delivery and installation. Procedure Request for Equipment Installation 1. The customer or appropriate work unit representative will submit a request for equipment installation to dcfacilities@dc.psu.edu or by visiting and filling in the Request Form. 2. ITS Data Centers will work with the customer to verify that the equipment meets the technical requirements for housing in the Co-Lo, and to facilitate installation as appropriate. Requests must contain information regarding the following: Power, cooling, and space requirements (faceplate information, number of racks or rack-units) Networking requirements Firewall and rule set requirements Load balancing requirements Security and compliance requirements based on the kinds of data to be stored Budget information for billing purposes 3. Orders for new equipment must be delivered to the following address: [Your name] C/O Manager 229 Computer Building The Pennsylvania State University, University Park, PA Page 11 of 19
12 4. When equipment is received, Data Center staff will notify customer to arrange installation. Page 12 of 19
13 Purpose Network Access To provide network access to the customers of the centrally managed enterprise data centers Process At this time network access will be addressed and recommendations forwarded based on the requirements of the customer and the capabilities of the data centers and the Penn State Network. The process will include initial meetings with the Data Center s network engineer(s) and project manager to determine scope and deliverables. Follow up meetings may be required with TNS to determine circuit moves and timelines. A TSR will be required to move or establish connectivity to the data centers. Page 13 of 19
14 Purpose Equipment Lifecycle and Disposal This policy outlines the steps necessary to retire equipment from service. If a customer wishes to replace existing equipment with new equipment, the new equipment must be ordered according to Equipment Ordering and Hosting. Process Equipment Removal Customers will contact dcfacilities@dc.psu.edu upon deciding to remove equipment from the Data Center. Relocation Please coordinate the appropriate times for removal and relocation. Relocation expectations should be at a minimum of 48 hours. Salvage Please complete a salvage disposition form through IBIS to arrange pickup of retired equipment. Important Note: When filling out the disposition form, in the notes section, indicate "for inventory purposes only" Data Center personnel will arrange pickup of all items indicated. Treatment of Sensitive Data Use best practices to destroy any media that might possibly contain personally identifiable or otherwise sensitive information. Penn State Salvage will be able to assist in data destruction if notified Page 14 of 19
15 Capacity Management Future Topic for Governance Page 15 of 19
16 Appendix: Service Level Agreement This document is an agreement between Penn State ITS Data Centers and Customers defining the scope, requirements, and responsibilities for the information technology equipment and co-location computing services provided by ITS Data Centers. Definitions ITS Data Centers refers to the unit of Penn State Information Technology Services, its staff and facilities. Customer refers the administrative unit contracting for co-location services with ITS Data Centers. Service Contact refers to the individual designated by the Customer to be directly responsible for managing the Customer s use of ITS co-location services. In this agreement, tasks and responsibilities assigned to the Customer extend to the Service Contact. Co-Lo refers to those physical spaces which house co-location computing equipment and necessary infrastructure. For the purposes of this agreement, the term specifically refers to the designated, enclosed area within the raised-floor data room located at 139 Computer Building. Responsibilities ITS Data Center Staff agree to: 1. Provide a facility for co-location computing services with the following equipment specifications: a. Racks: Wide-body 32 enclosure with 42-unit capacity. Blanking panels are available for use between rack-mounted equipment to manage airflow b. Power Distribution Units (PDUs): 3-phase, with standard C13 and C19 receptacles. c. Cable trays: Overhead conduits for the management of networking cables. d. Structured cable: Pre-terminated and custom length cable, whether fiber or copper, delivered via cable trays. Page 16 of 19
17 e. Busway: Overhead power busway (StarLine) that accepts receptacle/ breaker assemblies to connect PDUs to facility power. f. Power: Electric power supported with redundant connections, and with UPS and generator backups. g. Cooling: Air-conditioned facilities with N+1 redundancy and generator support. h. Network: Connection to the ITS network via structured cabling. The Customer agrees to: 1. Follow all established policies and procedures regarding equipment ordering, setup, and lifecycle. 2. Maintain the Co-Lo floor and housed equipment in a tidy and orderly manner. Termination of Agreement This agreement is subject to termination by either party provided a minimum of 30 day notice is given to the other. Termination by Customer 1. The customer may request termination of services at any time via a written notice delivered 30 days prior to said termination. All equipment must be removed no later than 30 days following the date of termination. If equipment is not removed within the 30 days following termination, ITS Data Center staff reserves the authority to remove the customer s equipment from the racks and return it to the address of record. The customer is responsible for reimbursing ITS Data Centers for any costs associated with the removal and transportation of equipment. Termination by ITS 1. ITS Data Centers reserves the right to terminate service in the event that payment has interrupted or ceased. In such an event, ITS Data Centers will issue a written notice to the Customer requesting payment to re-establish service. The customer will have 30 days to resume regular payments. In the event this notice has gone unanswered, the ITS Data Center staff will have the authority to remove the customer s equipment from the racks and return it to the address of record. The customer is responsible for reimbursing ITS Data Centers for any costs associated with the removal and transportation of equipment. Page 17 of 19
18 2. Termination of service provided to a college or work unit may be necessary in the event that capacity has been reached in the Co-Lo, and it has been determined by review that equipment belonging to the Customer does not provide a service critical to the operation of the University. I agree to the conditions outlined in this document: Customer / Service Contact Director of Data Centers ITS Data Centers Facilities Contacts: Brett Dixon, Austin Lewis Please send all correspondence to dcfacilities@dc.psu.edu Page 18 of 19
19 Appendix: Sign In Sheet Page 19 of 19
DataCentre Access Policies & Procedures
DataCentre Access Policies & Procedures Contents Purpose... 3 Overview... 3 DataCentre Access... 3 DataCentre Access Levels... 4 Periodic Review & Termination of Access... 5 DataCentre Access Log... 5
More informationLouisiana State University Information Technology Services (ITS) Frey Computing Services Center Data Center Policy
Louisiana State University Information Technology Services (ITS) Frey Computing Services Center Data Center Policy Access: If you have been granted a Frey Access Card with currently approved access to
More informationTenant Managed Services- Basic. Rancho Cordova Data Center. Tenant Guide 2014-08
- Basic Rancho Cordova Data Center Tenant Guide 2014-08 TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 PURPOSE... 3 2 COMPUTER ROOM GUIDELINES... 4 2.1 GENERAL SITE GUIDELINES... 4 2.2 CABINET GUIDELINES...
More informationPolicy Title-Aquia Data Center Operational Policy & Procedure. Policy ID - TSD-ADC001. Version - Version: 1.0. Supersedes Version 1.
Policy Title-Aquia Data Center Operational Policy & Procedure Policy ID - TSD-ADC001 Version - Version: 1.0 Supersedes Version 1.0 Review Date One (1) year from effective date. Policy & Procedure - Provides
More informationGeorgia Tech Aerospace Server French building Server Room. Server Room Policy Handbook: Scope, Processes and Procedure
Georgia Tech Aerospace Server French building Server Room Server Room Policy Handbook: Scope, Processes and Procedure Version History Version/Status Release Date Comments 1.1/Draft 1.2 1.3 1.4 1.5 1.6
More informationData Centre & Facilities Access Procedures
University of Manitoba - Information Services & Technology Data Centre & Facilities Access Procedures Effective Date: Review Date: Approving Body: Applies to: March 1, 2012 March 1, 2017 Mike Langedock,
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Rule 4-004L Payment Card Industry (PCI) Physical Security (proposed) 01.1 Purpose The purpose
More informationCITY UNIVERSITY OF HONG KONG Physical Access Security Standard
CITY UNIVERSITY OF HONG KONG (Approved by the Information Strategy and Governance Committee in December 2013) PUBLIC Date of Issue: 2013-12-24 Document Control Document Owner Classification Publication
More informationState of Vermont. Physical Security for Computer Protection Policy
State of Vermont Physical Security for Computer Protection Policy Date Approved: 04-02-10 Approved by: Tom Pelham Policy Number: 0501.012005 Contents 1.0 Introduction... 3 1.1 Authority... 3 1.2 Purpose...
More informationData Centers and Mission Critical Facilities Access and Physical Security Procedures
Planning & Facilities Data Centers and Mission Critical Facilities Access and Physical Security Procedures Attachment B (Referenced in UW Information Technology Data Centers and Mission Critical Facilities
More informationCO-LOCATION SPACE SCHEDULE OF SERVICES Schedule 1
CO-LOCATION SPACE SCHEDULE OF SERVICES Schedule 1 1. THIS SCHEDULE - INTERPRETATION 1.1 The terms of this Co-Location Space Schedule of Services ( Schedule 1 ) apply together with, in addition to and form
More informationCustomer Guide to the DATAONE Datacenter
Customer Guide to the DATAONE Datacenter User guide for Private Suite or Colocation Customer Version 1.0 July 2012 CONTENTS 1 Welcome... 3 2 Getting started... 4 2.1 CONTACTING US... 4 2.2 OBTAINING SECURITY
More informationCo-location service from Bell. Version 1.0 April 10, 2007. Updated as of 4/10/2007 1
Co-location service from Bell Version 1.0 April 10, 2007 Updated as of 4/10/2007 1 Contents 1. Introduction... 3 2. Service features... 3 3. Installation guidelines... 4 3a. Equipment installation in racks...
More informationData Center Access Policies and Procedures
Data Center Access Policies and Procedures Version 2.0 Tuesday, April 6, 2010 1 Table of Contents UITS Data Center Access Policies and Procedures!3 Introduction!3. Overview!3 Data Center Access!3 Data
More informationAquia Data Center Information Research Computing & Co-Location Guide
Aquia Data Center Information Research Computing & Co-Location Guide Information Technology Unit Technology Systems Division Co-location The Information Technology Unit (ITU) is pleased to announce a Data
More informationhong kong//china data center specifications tel: +61 2 9948 8888 fax: +61 2 9948 1111 internet + intellectual property + intelligence
internet + intellectual property + intelligence We thank you for the opportunity to work with you regarding your colocation needs in Hong Kong, China. We can colocate standard rack-mountable servers or
More informationData Center Operational Policy
POLICY NAME: Data Center Operational Policy Effective Date: Policy Owner: Policy Number: Related Policies: Purpose: Scope: Policy Statement: Definitions: Responsibilities: The policy will become effective
More informationHosted Testing and Grading
Hosted Testing and Grading Technical White Paper July 2014 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or
More informationCS&T Data Center Hosted Shared Services Policies & Work Rules
CS&T Data Center Hosted Shared Services Policies & Work Rules Last Modified 07-08-2014 1 Personal Accountability Failure to comply with the following procedures is grounds for immediate removal from the
More informationMARULENG LOCAL MUNICIPALITY
MARULENG LOCAL MUNICIPALITY Data Centre Physical Access and Environmental Control Policy Draft: Data Centre Access Control and Environmental Policy Page 1 Version Control Version Date Author(s) Details
More informationHow To Write Anu Data Centre
AUSTRALIAN NATIONAL UNIVERSITY DATA CENTRE STANDARDS ANU ITS Data Centre Operations Version: 1.1 Date: 18 th March 2014 Status: Final Type: Internal Prepared By: David Hardwicke and Geoff Barlow Document
More informationWelcome to AISB Created by IT Facilities Manager, Lylah Shelor and Updated on July 28, 2015
Welcome to AISB Created by IT Facilities Manager, Lylah Shelor and Updated on July 28, 2015 Index Emergency Action Plan online at www.it.vt.edu Location of Fire Extinguishers, Emergency Pulls & AEDs..2
More informationHIPAA 101: Privacy and Security Basics
HIPAA 101: Privacy and Security Basics Purpose This document provides important information about Kaiser Permanente policies and state and federal laws for protecting the privacy and security of individually
More informationMiddleborough Police Electronic Security Narrative
Middleborough Police Electronic Security Narrative 1. PURPOSE The purpose of this document is to define specific security, access control and surveillance requirements for the exterior and interior of
More informationSupply Chain Security Audit Tool - Warehousing/Distribution
Supply Chain Security Audit Tool - Warehousing/Distribution This audit tool was developed to assist manufacturer clients with the application of the concepts in the Rx-360 Supply Chain Security White Paper:
More informationREVIEWED ICT DATA CENTRE PHYSICAL ACCESS AND ENVIROMENTAL CONTROL POLICY
LI_M_POPO PROVINCIAL GOVERNMENT :;:ED.JBl-C ()F SO"';-H AFR;IC. ':.,. DEPARTMENT OF CO-OPERATIVE GOVERNANCE, HUMAN SETTLEMENTS & TRADITIONAL AFFAIRS REVIEWED ICT DATA CENTRE PHYSICAL ACCESS AND ENVIROMENTAL
More informationYale Business Continuity Program Emergency Response Guide
Contents Yale Business Continuity Program Emergency Response Guide March 2016 Introduction Immediate Actions Assess the Damage Determining Business Disruption Determining Plan of Action Relocation Checklist
More informationData Centers and Mission Critical Facilities Operations Procedures
Planning & Facilities Data Centers and Mission Critical Facilities Operations Procedures Attachment A (Referenced in UW Information Technology Data Centers and Mission Critical Facilities Operations Policy)
More informationDesigning A Communications Cabling System for the Colocation Data Center Larry Smith President, ABR Consulting Group, Inc.
Designing A Communications Cabling System for the Colocation Data Center Larry Smith President, ABR Consulting Group, Inc. It is often said that the communications cabling system is the conduit over which
More informationInformation Technology Security Procedures
Information Technology Security Procedures Prepared By: Paul Athaide Date Prepared: Dec 1, 2010 Revised By: Paul Athaide Date Revised: September 20, 2012 Version 1.2 Contents 1. Policy Procedures... 3
More informationPolicy Scope: The policy applies across the Division to all DPH workgroups who maintain, use, have access to, or come into contact with IIHI.
Title: DPH Current Effective Date: September 22, 2003 Original Effective Date: April 14, 2003 Revision History: April 22, 2004 May 1, 2011 January, 2014 Purpose The purpose of the Division of Public Health
More informationHow To Protect Research Data From Being Compromised
University of Northern Colorado Data Security Policy for Research Projects Contents 1.0 Overview... 1 2.0 Purpose... 1 3.0 Scope... 1 4.0 Definitions, Roles, and Requirements... 1 5.0 Sources of Data...
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationIntroduction... 4. Management... 4. Tenancy terms... 4. Applying... 4. Licence agreement... 4. Payment of fees... 4. Insurance... 4. Moving in...
Page 1 Contents Introduction... 4 Management... 4 Tenancy terms... 4 Applying... 4 Licence agreement... 4 Payment of fees... 4 Insurance... 4 Moving in... 5 Moving out... 5 Office licence fees... 5 What
More informationHow To Write A Health Care Security Rule For A University
INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a
More informationEffective Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head:
Policy Title: Effective Date: Revision Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head: Every 2 years or as needed Purpose: The purpose of
More informationThe second section of the HIPAA Security Rule is related to physical safeguards. Physical safeguards are physical measures, policies and procedures
The second section of the HIPAA Security Rule is related to physical safeguards. Physical safeguards are physical measures, policies and procedures to protect and secure a covered entity s electronic information
More informationNeuStar Ultra Services Physical Security Overview
NeuStar Ultra Services Physical Security Overview Mission-critical network operations must have the highest standards of quality, security and reliability. NeuStar Ultra Services currently locates its
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationDATAMENA COLOCATION SERVICE SCHEDULE
DATAMENA COLOCATION SERVICE SCHEDULE This Schedule is applicable to a Service Order for datamena Colocation Service(s) which has been submitted by Customer, and accepted by Supplier, in accordance with
More informationThe first step in protecting Critical Cyber Assets is identifying them. CIP-002 focuses on this identification process.
CIPS Overview Introduction The reliability of the energy grid depends not only on physical assets, but cyber assets. The North American Electric Reliability Corporation (NERC) realized that, along with
More informationSpec Sheet. Cisco R42610 Rack CISCO SYSTEMS PUBLICATION HISTORY 170 WEST TASMAN DR. SAN JOSE, CA, 95134 REV A.6 DECEMBER 9, 2014 WWW.CISCO.
Spec Sheet CISCO SYSTEMS PUBLICATION HISTORY 170 WEST TASMAN DR. SAN JOSE, CA, 95134 REV A.6 DECEMBER 9, 2014 WWW.CISCO.COM Overview................................................ 3 Rack Certifications
More informationOverview. Responsibility
Overview Property management is an important function at the University. Prudent inventory practices help protect the University s multi-million dollar investment in equipment, provide documentation needed
More informationResponsibility Due/Done Relocation Task Comments
RELOCATION TASK LIST This task list and timetable have been developed to help you organize your move and can adapt to any project. -90 DAYS Form a relocation committee. Define any special use licenses,
More informationCustoms -Trade Partnership Against Terrorism (C-TPAT) Vendor Participation Overview
Customs -Trade Partnership Against Terrorism (C-TPAT) Vendor Participation Overview On September 11, 2001, combating the threat of terrorism became U.S. Customs number one priority. Due to the attacks
More informationService Level Agreement Between: Computing and Informational Technology And The Finance and Business Operations Division
Service Level Agreement Between: Computing and Informational Technology And The Finance and Business Operations Division 1/9 1. Executive Summary This Service Level Agreement ( SLA ) is between Computing
More informationColocation Master Services Vol.1.0
Colocation Master Services Vol.1.0 THIS COLOCATION MASTER SERVICE AGREEMENT ( Colo MSA or Colocation MSA ) shall apply to Service Orders or Agreements ( agreement(s), service order(s), or contract(s) )
More informationIT - General Controls Questionnaire
IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow
More informationPhysical Protection Policy Sample (Required Written Policy)
Physical Protection Policy Sample (Required Written Policy) 1.0 Purpose: The purpose of this policy is to provide guidance for agency personnel, support personnel, and private contractors/vendors for the
More informationCh. 435a KEY, GAMING & NONGAMING EMPLOYEES 58 435a.1. CHAPTER 435a. KEY, GAMING AND NONGAMING EMPLOYEES; BOARD-ISSUED CREDENTIALS
Ch. 435a KEY, GAMING & NONGAMING EMPLOYEES 58 435a.1 CHAPTER 435a. KEY, GAMING AND NONGAMING EMPLOYEES; BOARD-ISSUED CREDENTIALS Sec. 435a.1. 435a.2. 435a.3. 435a.4. 435a.5. 435a.6. 435a.7. 435a.8. 435a.9.
More informationDepartment of Information Technology
Department of Information Technology ISSUE DATE: 6/3/08 EFFECTIVE DATE: 9/1/08 Facilities TITLE: Physical Access Control for DoIT POLICY NUMBER: DOIT-773-3102-001-A REVISED DATE: NEXT REVIEW DATE: 9/1/09
More informationSECURITY RULE POLICIES AND PROCEDURES
County of Sacramento Health Insurance Portability and Accountability Act (HIPAA) SECURITY RULE POLICIES AND PROCEDURES Issued: February 1, 2005 Effective: April 14, 2005 Revised: January 1, 2010 HIPAA
More informationmelbourne//australia data center specifications internet + intellectual property + intelligence tel: +61 2 9948 8888 fax: +61 2 9948 1111
internet + intellectual property + intelligence We thank you for the opportunity to work with you regarding your colocation needs in Melbourne,. We can colocate standard rack-mountable servers or other
More informationRules of Conduct and Safety
Rules of Conduct and Safety ETISALAT DATA CENTER RULES - V2.4 Contents Definitions... 2 Introduction... 3 Safety Instructions... 3 Upon entering the Data Center... 3 Privacy Notice / Camera Surveillance...
More informationData center solutions Medium & large enterprise, multi-tenant and hyperscale. Energize your data center, maximize the value of your investment
Data center solutions Medium & large enterprise, multi-tenant and hyperscale Energize your data center, maximize the value of your investment We serve the needs of data centers of all sizes, around the
More informationSecure your IT equipment with confidence... secure with NetClosure
Secure your IT equipment with confidence... secure with NetClosure SERVER CABINETS NetClosure s REM Series Server Cabinet is the ultimate solution designed and engineered for demanding data center environments.
More informationHIPAA ephi Security Guidance for Researchers
What is ephi? ephi stands for Electronic Protected Health Information (PHI). It is any PHI that is stored, accessed, transmitted or received electronically. 1 PHI under HIPAA means any information that
More information2. Employees must wear their ID tag at all times while on the premises.
3. Physical Access Controls Access control must prevent unauthorized entry to facilities, maintain control of employees and visitors and protect company assets. There must be written and verifiable procedures
More informationSeventh Avenue Inc. 1
Seventh Avenue Inc. Supply Chain Security Profile Customs-Trade Partnership against Terrorism Supplier Questionnaire Seventh Avenue is a member of the Customs-Trade Partnership against Terrorism (C-TPAT).
More informationDataSite Data Center Policies & Work Rules
DataSite Data Center Policies & Work Rules DataSite Data Center Policies & Work Rules The following policies regulate activities at the DataSite Data Centers (Data Center). These rules are intended to
More informationPhysically secure facilities will better protect your computing equipment from theft, vandalism and accidental damage
ITS Service Level Agreement Last Changed: July 31, 2014 Co-Location Service What is Co Location? Co Location is an ITS service that allows departments and researchers at the University of Hawaii to locate
More informationSAMPLE TEMPLATE. Massachusetts Written Information Security Plan
SAMPLE TEMPLATE Massachusetts Written Information Security Plan Developed by: Jamy B. Madeja, Esq. Erik Rexford 617-227-8410 jmadeja@buchananassociates.com Each business is required by Massachusetts law
More informationContact us for a free consultation today! 630-936-4045 officemove@aie195.com
IT Relocation Schedule Moving offices? Often, relocating your IT infrastructure can be one of the most daunting aspects of the move, and it s also the most critical to business continuity. Servers, PCs,
More informationCruziointernet 877 Cedar Street, Suite 150 Santa Cruz, CA 95060 P: 831.459.6301 F: 831.460.2839 cruzio.com
Cruziointernet 877 Cedar Street, Suite 150 Santa Cruz, CA 95060 P: 831.459.6301 F: 831.460.2839 cruzio.com Colocation Terms of Use This Colocation Terms of Use (hereinafter referred to as Agreement or
More informationState Of Florida's Real Estate Law
Office of the President University Policy SUBJECT: IDENTITY THEFT PREVENTION PROGRAM Effective Date: 6-17-09 Policy Number: 5.6 Supersedes: Page Of New 1 7 Responsible Authority: Senior Vice President,
More informationC-TPAT Self-Assessment - Manufacturing & Warehousing
Task # Section/Control Description 1 Security Management System 1.1 Is there a manager or supervisor responsible for implementing security within the company? Please provide the security manager s name
More informationImporters must have written and verifiable processes for the selection of business partners including manufacturers, product suppliers and vendors.
Security Profile For each of the sections below, you will be required to write a response and/or upload a document demonstrating how your company adheres to the stated requirement. There is no one right
More informationFDU - Records Retention policy Final.docx
Records and Information Management Program Policy and Procedure Responsible Office Office of the General Counsel Effective Date 04/01/2012 Responsible Official General Counsel Last Revision I. Rationale
More informationFACILITIES MANAGEMENT DEPARTMENT QUICK REFERENCE Guide to Services
FACILITIES MANAGEMENT DEPARTMENT QUICK REFERENCE Guide to Services After-Hours Service Calls Air Conditioning and Heating Bicycle Racks Building Conditions Inspections Contract Construction (handled by
More informationPurchasing Card Procedure Manual
Purchasing Card Procedure Manual Draft 05/26/11 Table of Contents PURCHASING CARD PROGRAM... 3 ACQUIRING A PURCHASING CARD... 3 TRAINING... 4 ACTIVATION AND RENEWAL... 4 CARDHOLDER ROLES & RESPONSIBILITIES...
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationPHYSICAL ACCESS CONTROL
Contact: Administrative Services Issued: June 24, 2013 Supersedes: Keys - Administration and Control of Keys, September 2007; and Keys - Issuance and Retrieval, March 1986 Pages: 13 OVERVIEW PHYSICAL ACCESS
More informationReed Community Resident Guide 2015-2016
Reed Community Resident Guide 2015-2016 The Reed Community Resident Guide is designed to supplement the policies found in University Housing's Community Guide by providing information and resources specific
More informationVeteran s Affairs Appraisals Orders and VA Appraiser Payments for Wholesale
Veteran s Affairs Appraisals Orders and VA Appraiser Payments for Wholesale (Non-Delegated is not permitted to use New Penn Sponsor Identification Number for VA Appraisals. Sponsor Identification field
More informationNetwork and Workstation Acceptable Use Policy
CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of
More informationABBVIE C-TPAT SUPPLY CHAIN SECURITY QUESTIONNAIRE
AbbVie is a participant in the U.S. Customs supply chain security program called the Customs-Trade Partnership Against Terrorism (C-TPAT). Participation in C-TPAT requires AbbVie to ensure that its overseas
More informationDimensions (HxDxW) Total Cabinet Area 89.96x 39.69 x 24 in/ 2,285 x 1,008.17 x 612.77 mm 95.47x 48 x 32 in/ 2,425 x 1,219.2 x 812.
1 Compaq 10000 Series Racks The 10000 series racks are a family of 1000mm deep racks which are available in 22U, 36U, 42U and 47U 600mm widths. Compaq 10000 Series Racks provides a common, integrated platform
More informationOur Customer Relationship Agreement CO-LOCATION SERVICE DESCRIPTION
Our Customer Relationship Agreement CO-LOCATION SERVICE DESCRIPTION Internode Pty Ltd ABN 82 052 008 581 Phone: 13 66 33 1/502 Hay Street, Subiaco WA 6008 15 October 2013 Rules of interpretation and capitalised
More informationOPERATOR - FACILITY ADDRESS - DATE
. Facility Criteria (RFP).0 Location Characteristics Criteria Requirements 1 Ownership and Management: Please identify the owner(s) and managers of the property and indicate if there is on-site management.
More informationGeorgia Institute of Technology Data Protection Safeguards Version: 2.0
Data Protection Safeguards Page 1 Georgia Institute of Technology Data Protection Safeguards Version: 2.0 Purpose: The purpose of the Data Protection Safeguards is to provide guidelines for the appropriate
More informationHow To Co-Location On Nextgen (Networking)
Category Terms Part 2A: Co-location Services 1. Application These terms apply to all Co-location services we provide and form part of our customer contract with you. They must be read in conjunction with
More informationHow To Protect A Water System
SECURITY OFFICER & PATROL OFFICER PROTOCOL SECURITY OFFICER LOCATIONS AND SHIFTS La Entrada Main Security Center 24 hour coverage 7 days per week Plant 1 Main Gate Monday Friday, 5:00 AM 6:00 PM Patrol
More informationLevel I - Public. Technical Portfolio. Revised: July 2015
Level I - Public Technical Portfolio Revised: July 2015 Table of Contents 1. INTRODUCTION 3 1.1 About Imaginatik 3 1.2 Taking Information Security Seriously 3 2. DATA CENTER SECURITY 3 2.1 Data Center
More informationNetwork Design Incorporated
Network Design Incorporated Network Design Incorporated specializes in the design, installation and project management of Information Transport Systems (ITS) and the various technology solutions utilizing
More informationSecurity Access Control System Operations Manual
Security Access Control System Operations Manual Updated April 2008 Theresa A. Thayer, Manager Key/Card Control Center 2003 Millikin Road - #035 Columbus OH 43210-1268 http://fod.osu.edu/keys 614-292-1415
More informationHIPAA Information Security Overview
HIPAA Information Security Overview Security Overview HIPAA Security Regulations establish safeguards for protected health information (PHI) in electronic format. The security rules apply to PHI that is
More informationGuideline on Emergency Action Plans for Food Establishments: Sewage Backup
Guideline on Emergency Action Plans for Food Establishments: Sewage Backup A sewage backup refers to the overflow of sewage from equipment or plumbing facilities within a food establishment. A sewage backup
More informationSection 010103 Summary of Work Contract 11-03 Security System, Network Infrastructure and UPS Power
Section 010103 Security System, Network Infrastructure and UPS Power Part 1 General 1.1 Summary (Non-inclusive) A. Section Includes: Construction operations required by Contract Documents, defines aspects
More informationSUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
More informationStructured Cabling Statement of Work
Structured Cabling Statement of Work Multiple Locations June 15, 2010 Page 1 A. GENERAL a. San Joaquin County (referred to as Owner ) is requesting proposals for a new structured cabling infrastructure
More informationMAG DATACENTERS, LLC ( FORTRUST ) Service Organization Controls 3
MAG DATACENTERS, LLC ( FORTRUST ) Service Organization Controls 3 Report on FORTRUST s Enterprise Data Center and Colocation Services System Relevant to Security and Availability For the Period October
More informationService Children s Education
Service Children s Education Data Handling and Security Information Security Audit Issued January 2009 2009 - An Agency of the Ministry of Defence Information Security Audit 2 Information handling and
More informationSub-Bid Contractor Update Statement. Tab A - Invitation for Bids. Tab B - Instructions to Bidders
INTRODUCTORY INFORMATION TABLE OF CONTENTS 00 0101 PROJECT TITLE PAGE PROCUREMENT REQUIREMENTS (PROJECT MANUAL) Tab A - Invitation for Bids Tab B - Instructions to Bidders Tab C Bid Form for General Bids
More informationRemote Deposit Terms of Use and Procedures
Remote Deposit Terms of Use and Procedures Use of American National Bank Fox Cities (Bank) Remote Deposit service is subject to the following Terms of Use and Procedures. Bank reserves the right to update
More informationContent Index. 1. General... 3. 2. Location and Building... 4. 3. Telecommunication Feeds... 6. 4. Electric Power... 7. 5. Climate Control...
Content Index 1. General... 3 2. Location and Building... 4 3. Telecommunication Feeds... 6 4. Electric Power... 7 5. Climate Control... 8 6. Safety and Security... 9 7. Internal Procedures... 11 General
More informationNetwork Documentation Checklist
Network Documentation Checklist Don Krause, Creator of NetworkDNA This list has been created to provide the most elaborate overview of elements in a network that should be documented. Network Documentation
More informationCDW Advanced Image Deployment Service Customer Guide
CDW Advanced Image Deployment Service Customer Guide Contents Service Description... 2 Image Deployment Solutions... 2 Why would my organization use this service?... 2 Benefits of Advanced Imaging over
More information** PROPRIETARY ** SAMPLE COUNTY DATA CENTER PROJECT BUDGET ** PROPRIETARY **
1.0 SECTION I - DESIGN AND ENGINEERING FEES 1.0.1 Project Management and Administration Costs $25,000 1.0.2 Architectural and Space Planning 1.0.2.1 Design Development 1.0.2.1.1 Lead Architect 500 $130.0
More information2.09 Key and Card Access Systems Approved by Executive Committee: 8/17/04
2.09 Key and Card Access Systems Approved by Executive Committee: 8/17/04 A. Keys 1) Sul Ross State University maintains a centralized key and lock system to enhance the control and security of property
More informationARKANSAS TECH UNIVERSITY
ARKANSAS TECH UNIVERSITY INVENTORY CONTROL MANUAL SEPTEMBER 2005 PROPERTY MANAGEMENT OFFICE 204 BRYAN EXT. 6087 FAX 968-0227 INTRODUCTION The purpose of this Inventory Manual is to present a uniform method
More information