Lingnan University

Data Centre Access Policy
Lingnan University Data Centre Access Policy
Introduction
The Lingnan University Data Centres (Main and Secondary) provide specific environments,
enhanced security access, fire alarm/suppression, Uninterrupted Power Supplies (UPS), Campus
Backbone connectivity, air conditioning and a number of other elements required for mission-critical resources. The procedures described in this document have been developed by ITSC to
maintain a secure Data Centre environment and must be followed by all staff working in the Data
Centres. It is important that any department/unit contemplating the installation of their servers in
a Lingnan University Data Centre fully understands and agrees to these policies.
Data Centre Physical Security Guidelines
1. Security Policy
Security for the Data Centres is the responsibility of all departments that share space in the Data
Centres. The ITSC Database and Network Services team (DNS) is responsible for the
implementation of this policy. It is important that all University faculty, staff and business
associates follow these policies and practices. Failure to do so can lead to personnel action under
the university’s disciplinary procedures. Failure of a vendor, consultant or contractor to follow
the guidelines set forth in this document can also be grounds for termination of any commercial
agreements and/or potential legal action.
2. Access control to Data Centres
Data Centres are restricted areas requiring a much greater level of control than normal non-public
University spaces. Only individuals who are expressly authorised to do so by the ITSC Director
may enter these areas. University staff are required to apply for access to the Data Centres by
filling in the ‘Data Centre Access Request Form’ attached to this document. Access privileges
will only be granted to individuals who have a legitimate business need to be in a Data Centre and
these areas may only be entered to conduct authorised University business. All departmental staff
utilising a Data Centre must familiarise themselves thoroughly with this document. Any
questions regarding policies and procedures should be addressed to the ITSC Director. The only
exception under which the Data Centre Access Policy rules may be temporarily suspended is emergency
access for medical, fire and/or police requirements.
2.1 Controlling Access
Controlling Access is given to staff that have free access authority to a Data Centre.
Controlling Access is granted to ITSC core technical staff and departmental system support
teams whose job responsibilities require that they have access to these areas. These
individuals also have the authority to grant temporary access to the Data Centre and to enable
others to enter and leave the Data Centre. People with Controlling Access are responsible for
the security of the area and for any individuals, such as vendors or consultants, whom they
have authorised to be in a Data Centre. Individuals with Controlling Access to a Data Centre
normally will be granted access via smart card and will be placed on the Authorised Access
List of the Data Centre smart card door security system. They must also wear their issued
staff identification card at all times while in a Data Centre. Any individual receiving
Controlling Access must go through a formal background check. If a person with Controlling
Access authorises Escorted Access to an individual, the person granting access is responsible
for escorting these individuals and making sure that they also sign in and out. If needed,
these duties can be delegated to a member of the DNS team on duty in a Data Centre.
2.2 Escorted Access
Escorted Access is closely monitored access issued to people who have a legitimate business
need for infrequent access to a Data Centre. ‘Infrequent Access’ is generally defined as
access required for less than 10 days per year. Individuals with Escorted Access will not be
granted access via smart card to the Data Centre. A person given Escorted Access to the area
must sign in and out under the direct supervision of a person with Controlling Access. They
must provide positive identification upon demand and must leave the area when requested to
do so. Escorted Access visitors will be given a ‘Visitor’ badge after they have registered and
must be accompanied by a person with Controlling Access. A person with Escorted Access
to the area must not allow any other person to enter or leave the area.
2.3 Facilities Management Access
The Facilities Management Division (FMD) of Lingnan University is responsible for the
maintenance and operational support of all University building services, such as electricity,
CRAC units, etc. It is therefore necessary for FMD staff to access the Data Centres to carry
out their duties, such as emergency maintenance on electrical or fire prevention systems
during non-office hours. To facilitate this operation, two smart cards for accessing the Data
Centres will be granted to the FMD Manager. The FMD Manager is therefore responsible
for the control of the FMD staff accessing the Data Centre. It is also the responsibility of the
FMD Manager to make sure that all FMD staff who gain access to the Data Centres abide by
the rules, guidelines and regulations of the Data Centres. Any violations shall be reported to
the University and subject to disciplinary action.
3. Data Centre Door Security
All doors to a Data Centre must remain locked at all times and may only be temporarily opened
for periods not to exceed that minimally necessary, in order to…
• Allow officially approved and logged entrance and exit of authorised individuals.
• Permit the transfer of supplies/equipment as directly supervised by a person with
Controlling Access to the area.
• Prop open a door to the Data Centre ONLY if it is necessary to increase airflow into the
Data Centre in the case of an air conditioning failure. In this case, staff with
Controlling Access must be present and they must also limit access to a Data Centre.
4. Data Centre Access Termination
The DNS team will periodically review those with any level of access to the Data
Centre. If an individual no longer requires Data Centre access, it will be revoked by removing
access privileges from the smart card door security system. The DNS Team reserves the right to
revoke the Data Centre privilege without prior notice to any departmental staff due to security
reasons. The staff member’s department is also responsible for informing the ITSC Director and the
DNS Team to review/terminate access of a person who has terminated his/her employment or
current role in the department.
Internal Use
5. Exception Reporting
When an unauthorised individual is found in the Data Centre, it must be reported immediately to a
member of the DNS Team. If this occurs during non-office hours, a Campus Security person
should be contacted immediately. The unauthorised individual should be escorted from the Data
Centre and a full written report should be submitted immediately to the ITSC Director. Any
attempt to forcibly or improperly enter a Data Centre should be immediately reported to Campus
Security, who should be allowed to deal with the situation. The senior person present should
report the incident in writing to ITSC.
6. Requesting Access to the Data Centre
Departments that have computer equipment in a Data Centre may request access to the Data
Centre. Individuals designated by the requesting department will be granted access, once
authorised by the ITSC Director. To initiate access authorisation, the manager or the
departmental head of the department requesting access should send a request to the ITSC Director
by submitting the ‘Data Centre Access Request Form’. Upon approval by the ITSC Director, the
data of the person requesting access will be registered in the Access List of the smart card door
security system. At the same time, the person will be provided with a copy of this Data Centre
Access Policy document. A copy of the completed Form will be given to the requestor for proof
of authorisation. When a staff member who has access to the Data Centre terminates his
employment or transfers out of the department, that person’s department must notify the ITSC
Director or DNS Team Manager as soon as possible, to enable that person’s access to the Data
Centre to be removed. This is extremely important in cases where the employee is terminated
under just cause.
General Data Centre Operational Guidelines
1. To facilitate the equipment hosting and Data Centre capacity planning, the ITSC Director or
DNS Team Manager must be consulted when any new equipment is to be installed in a Data
Centre, to facilitate the planning of UPS demand, rack space, console management, network
connections, etc. It is advisable to consult the ITSC Director or DNS Team Manager as
early as possible (preferably months before the actual equipment is ordered), to confirm that
the equipment can actually be housed in a Data Centre.
2. To carry out infrastructure work in a Data Centre, the DNS Team Manager must be notified
of all work pertaining to infrastructure in a Data Centre. This includes tasks such as
equipment installation/removal, construction or any activity that adds/removes assets
to/from a Data Centre.
3. To protect personal safety, all individuals in a Data Centre must conduct their work in
observance of all applicable policies related to safety, such as Safety and Health Council
Hong Kong, Hong Kong Labor Department, Lingnan University Campus Safety, etc.
4. To maintain Data Centre cleanliness, all individuals in a Data Centre are expected to leave
all areas in a clean and tidy state after their work is completed. Boxes and trash must be
disposed of properly. Tools must be returned to their rightful place. Food and drink are not
allowed in any Data Centres at any time.
Data Centre Access Request Form
Please read the Data Centre Access Policy document and the Data Centre Conditions of
Access overleaf before filling in this form.
To: ITSC-Director (MB401)
Fax: 2575 8763
Email: network@ln.edu.hk
cc: Requestor’s Supervisor
    Requestor’s Department Head
Request Details: [ ] Access Request   [ ] Access Termination
Access for: [ ] Main Data Centre MB203/4-5   [ ] Secondary Data Centre NAB205/1
Name of Requestor:
Staff Number:
Location:
Contact No.:
Smart Card ID:
Requested Date:
Unit within Department:
Unit Head Contact No.:
Name of Unit Head:
Signature of Unit Head:
Name of Department Head:
Department Head Contact No.:
Signature of Dept. Head:
Reasons for access to the above Data Centre/s:
ITSC OFFICE USE ONLY
[ ] The above request is approved.
[ ] The above request is not approved. Reason: _________________________________
Approved By: _____________________________________ (ITSC Director)
Signature: ______________________________________
Date: ______________________
Implementation Date: ________________________________
ITSC Reference: ________________________________
Data Centre Conditions of Access
Those granted Data Centre access must abide by the following rules…
• Access must not be used to allow any unauthorised person into a Data Centre.
• Individuals must not interfere with equipment belonging to other departments or units.
• Individuals who have access MUST formally log in and out ALL visitors that are
accompanying them into a Data Centre.
• Individuals with access privilege must abide by all policies as described in the Lingnan
University Data Centre Access Policy document.
• Violating these rules may result in the revoking of access to a Data Centre.
I fully understand and agree to these rules. I also agree to fully cooperate during any investigation
concerning security, which might have occurred in a Data Centre during a time when I was
present in a Data Centre. Abuse of this access privilege and/or non-compliance with this
agreement may result in the removal of access rights and/or disciplinary action.
Applicant’s signature: ______________________________
Date: ______________________________