...
- The server must be registered in the NetReg with ownership and contact information provided. Servers must be labelled or identified as a server in Netreg.
- The server must be managed by at least one system administrator.
- The server must be running a supported operating system as well as the latest approved patch.
- Patches must be evaluated and applied in a timely fashion by the system administrator.
- The server must be configured in a secure manner.
- If the server holds Category 1 data, it must meet all applicable regulatory requirements. Learn more about the University's Data Classification Standard.
- Only properly licensed software must be run on the server.
- The server or service must not interfere with any UAlbany Enterprise services (e.g., DHCP, DNS).
- The network services provided by the server must be configured to be accessible from the minimum set of systems and networks as determined by the server's business or academic requirements.
- The system administrator must continuously monitor and remediate any security issues. The University provides Tenable Vulnerability Management as a solution. Learn more about the University's Vulnerability Management. For more information on vulnerability management, please contact the ITS Service Desk.
Process of Requesting a Connection to the UAlbany Network
...
- Verify that the computing needs are not already met by existing UAlbany ITS or departmental servers.
- Assign a system administrator team to setup, maintain, and monitor the server.
- Take appropriate precautions during the installation of a server and/or software.
- Consider the physical environment and access of the server in regard to security.
- Install a supported version of the OS and service(s).
- Perform and validate backups and archives.
- Enable logging for server(s) and service(s).
- Disable default accounts and sample scripts; change any default passwords.
- Only activate/operate needed services. Any unnecessary ports and services turned on by default must be disabled.
- Restrict network access.
- Setup secure methods of authentication.
- Configure administrator level accounts to be compliant with the University's Privileged Access Standard.
- Employ file integrity checks on system and configuration files.
- Designate your server as a server system in NetReg by indicating it so in the comment box.
...