Physical Security for Servers 

Servers (computers used by multiple users at a time or that are a central data repository) that are designated as critical to the operation of the University are required to be physically secured to a high standard. The University is committed to providing secure and environmentally appropriate facilities for these mission critical computer systems in a fiscally responsible and efficient manner.

Multiple departmental audits have identified inadequate physical security (including access, environmental protections, etc.) as representing a substantial risk to the University community in terms of time, money, and potential data loss or disclosure. To respond to these concerns and to better protect data, industry best practices have been reviewed and summarized as the minimum level of protection necessary.

Minimum Protection Level

The Office of Information Technology (OIT) and coordinate campus central IT units offer centrally-funded data center facilities for critical servers. These facilities provide an environmentally protected and professionally managed facility. They help protect University data from unauthorized acquisition and promote compliance with state and federal laws and contractual commitments. The University conducts periodic data center audits to confirm compliance to security, environmental, and management standards.