Device Physical Security
Standard and Process
Physical security of devices must be maintained and periodically reviewed to meet compliance or regulatory requirements. For servers, see the Data Center standard.
Units should designate who is responsible for periodically reviewing and assessing the physical security controls that should be in place for their environment.
IT staff are responsible for working with users on options to provide physical security for devices.
Users and data owners need to work with IT staff to follow the practices to maintain the physical security of their devices.
- This standard is based on the principles of ISO/IEC 27002:2005.
Document Owner: University Information Security
Document Approvers: Brian Dahlin, Chief Information Security Officer; Patton Fast, University Enterprise Architect
Effective Date: August 2010
Last Reviewed Date: November 2014