1.0 PURPOSE
This procedure outlines the necessary precautions that must be taken to ensure that the College’s information systems and associated data are properly secured from unauthorized physical access and tampering/destruction attempts.
2.0 SCOPE
This procedure applies to all College data centers and other areas that house information systems and data on site. Personnel with access to these areas must adhere to the details outlined in the procedure below.
3.0 PROCEDURE
Areas affected by this procedure include all designated data centers, all designated telecommunications closets, main distribution frames, intermediate distribution frames, and other areas containing servers, storage systems, and networking equipment at all campus, center, and tower facility locations.
Entry doors must be locked at all times. Propping doors open is strictly prohibited unless the door is being propped by an authorized employee who is continuously present. Using any other item as a doorstop is prohibited.
Only authorized personnel are allowed unescorted entry. Authorized personnel include:
- Information Services personnel
- Facilities/Maintenance personnel
- Campus/Center Managers
- Trusted vendors/partners approved by the Chief Information Officer, Network and Systems Administrator or Director of Facilities and Maintenance
An authorized individual must escort all other individuals at all times, after having the escorted individual sign in using the form posted at the entry to the area. The escorted individuals must sign out after leaving the area, using the same aforementioned form.
Information Services staff will review and initial the sign-in logs quarterly, to ensure proper use and documenting of physical access.
Video surveillance equipment shall be used for monitoring and recording purposes.
