Requirements for Computers Supporting Essential Services or Holding Restricted Information

January 26, 2005

Computers that support essential services or hold restricted data, as defined in Business and Finance Bulletin IS-3, "Electronic Information Security," are subject to additional requirements beyond the minimum standards for connecting to the UCOP network. A device must meet these more stringent standards of protection, whether or not connected to the network, if any of the following apply:

  • loss of the information might severely impact a business function;
  • unauthorized access, modification, or loss of the information could adversely affect UCOP, its partners or the public, or would require specific reporting as outlined in BFB IS-3, "Electronic Information Security"; or
  • degraded performance or functionality might disrupt proper functioning of essential University services.

1. The device should be in the proper physical environment.

  • The device should be in a secured location with physical access controls to limit access to only those individuals authorized to access the resources. The secured space should not be shared with other functions or operations that do not have similar access control requirements, e.g., janitorial services.
  • The environment should have appropriate environmental controls, as needed, such as UPS, generator, and proper heating/cooling, and should be clean and free of hazardous materials.
  • Depending on the requirements for availability, the device might need to be in a location with 24x7 support capabilities.

2. Proper recovery procedures must be in place and regularly practiced.

  • Appropriate backups must occur at frequencies appropriate to the function and the rate at which the information is changed.
  • Secure offsite storage of backup media should occur regularly.
  • If the criticality of the information warrants it, disaster recovery procedures and arrangements must be put into action and regularly rehearsed.
  • If University operations might be seriously impacted by loss of the service, an off-site alternate location where the service might be recreated quickly should be considered.

3. Up-to-date processes for configuration management, change management, and patch procedures must be in place, and a designated system administrator responsible for these activities must be specified.