Policy Manual

Policy

In order to protect University resources, all servers must be registered with the Division of Information Technology (IT). Registration provides information necessary to monitor these resources and help protect them from intrusion.

To submit an application for a server to be registered on the GCSU network a GCSU Server Registration Application form must be completed. One application should be completed and submitted for each machine that is connected to the GCSU network. If you have questions or require assistance in completing this form, please contact the Serve Help Desk at 445-7378, or through email at serve@gcsu.edu.

Administrators should exercise caution when determining which services to activate. Only those services absolutely necessary should be enabled on any machine. Services are defined as protocols such as, but not limited to, FTP (used for file transfer) and HTTP (used for the web) that run on the servers connected to the GCSU network.

The registered administrator's responsibilities include, but are not limited to, physical security of the machine, applying all security patches immediately as they become available and reporting any suspected breach of security to the Chief Information Officer (CIO). All administrators are responsible for complying with the GCSU Policies for Connecting Devices to the University Network and monitoring the GCSU Server Administrator email list. The University reserves the right to deny any requests for connectivity to the network and/or access through the firewall. In accordance with the GCSU Incident Response Plan, a security incident involving a particular server or servers, access to those machines may be blocked until the situation is resolved.

If the registration application has been approved, a passive port scan will be conducted and all requirements for tightening the security on the machine will be reviewed with the systems administrator. Should highly vulnerable ports be found, IT staff may, with or without notice to the system administrator, remove access to the vulnerable server until such time as the machine is no longer a risk to GCSU or internet systems.