Versions Compared

Old Version 72

changes.mady.by.user Trubitt, Lisa V

Saved on

compared with

New Version Current

changes.mady.by.user Trubitt, Lisa V

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. The server must be registered in the NetReg with ownership and contact information provided.  Servers must be labelled or identified as a server in Netreg.
  2. The server must be managed by at least one system administrator.
  3. The server must be running a supported operating system as well as the latest approved patch.
  4. Patches must be evaluated and applied in a timely fashion by the system administrator.
  5. The server must be configured in a secure manner. 
  6. If the server holds Category 1 data, it must meet all applicable regulatory requirements. Learn more about the University's Data Classification Standard.
  7. Only properly licensed software must be run on the server.
  8. The server or service must not interfere with any UAlbany Enterprise services (e.g., DHCP, DNS).
  9. The network services provided by the server must be configured to be accessible from the minimum set of systems and networks as determined by the server's business or academic requirements.
  10. The system administrator must continuously monitor and remediate any security issues. The University provides Tenable Vulnerability Management as a solution. Learn more about the University's Vulnerability Management. For more information on vulnerability management, please contact the ITS Service Desk

Process of Requesting a Connection to the UAlbany Network

...

  1. Verify that the computing needs are not already met by existing UAlbany ITS or departmental servers.
  2. Assign a system administrator team to setup, maintain, and monitor the server.
  3. Take appropriate precautions during the installation of a server and/or software.
  4. Consider the physical environment and access of the server in regard to security.
  5. Install a supported version of the OS and service(s).
  6. Perform and validate backups and archives.
  7. Enable logging for server(s) and service(s).
  8. Disable default accounts and sample scripts; change any default passwords.
  9. Only activate/operate needed services. Any unnecessary ports and services turned on by default must be disabled.
  10. Restrict network access.
  11. Setup secure methods of authentication.
  12. Configure administrator level accounts to be compliant with the University's Privileged Access Standard.
  13. Employ file integrity checks on system and configuration files.
  14. Designate your server as a server system in NetReg by indicating it so in the comment box.

...