Back to IT Policy Task Force Home
Review: Standards: Operational (hosts, servers, platforms, etc.); disaster
recovery & risk mgmt
There are no policies that specifically cover campus-wide system operations and backup standards.
Business office has a Info. System and security Policy’s for BAO users and deals more with Privacy Act. Also points how to dispose desktop an server info that has outlived its purpose. (Storage, archiving and recovery is mentioned) BAO System Policy
Through Server registration page, policies can be linked eg.
WMU Server Reg Policy templates.
UO IP Request could do provide link to host policies and configurations.
This step will ensure the responsible admins check against provided policies
Information Services has a general purpose info page for computer security.
UO General Machine Security
Creating standards that campus admins should use will help secure the systems in the installation stage.
eg. PennState Server Sec Policy
References to benchmarks can also be included as resources.
CIS Security benchmark and NSA’s security config
guides
Server Backup and recovery. Some colleges have a good backup and recovery policy that we could include in our policy guidelines.
Penn State Backup Policy and Penn State IDTR
Decommisioning the system A good start for a policy on retiring systems UO’s Surplus instruction
===
additional comment:
look at Joe’s homepage
esp. additional business continuity/disaster recovery info