Wright State University home page. left side circuit
CaTSIT Security
Do IT Wright
Policies
Guidelines and Best Practices
Traiining
Server Registration
CaTS Bulletin
Report an Incident
References

 

 

Server Registration

There are two processes for server registration:

New Server Registration

Existing Server Registration

New Servers

The initial contact with CaTS should be through the New Server Questionnaire. This is a simple form that lets CaTS know that a new server is under consideration. Once you have completed the New Server Questionnaire, reviewed the Data Security Compliance information, and received notification from CaTS, a more detailed form must be completed (Server Registration Form). This form will require information supplied by the department or college as well as the application vendor. A meeting with CaTS representatives may be necessary prior to completion of the Server Registration form. What information do I need to provide on the Server Registration form? 

Servers containing sensitive or protected data need to be located in the CaTS computer room where they can be protected by placing them into the proper security zone, as well as providing the required physical security. Servers with sensitive or protected data located in other university departments will not be connected to the network without a special exemption from the Director of Computing and Telecommunications Services. Anyone who wants this exemption will need to write a letter of justification as to why the server cannot be located in the CaTS computer room and demonstrating that required physical security measures will be met.

The process for new server registration is as follows:

1. Review CaTS Server Support

If you would like CaTS to help manage your server.


2 . Review Data Security Compliance and Security Best Practices

These page provides examples of ePI data, the risks associated with the type of data on your server and other information regarding protected information on the Server Registration form. It includes the technical requirements for protecting sensitive information.

3. Complete Server Registration Form once you receive notification from CaTS.

Existing Servers

Over the past few years the Internet and the world have changed. There are many new legal requirements regarding the protection of data and the penalties for failing to do so. It is important that we know more about the nature of our servers, their applications, and data. Many applications on our servers were installed and are maintained by vendors, which leaves CaTS with little or no information about the data and how it is secured. It is imperative that we go back and gather information on these applications. The process is as follows:


1. Review Data Security Compliance and Security Best Practices

These pages provide examples of ePI data, the risks associated with the type of data on your server and other information regarding protected information on the Server Registration form. It includes the technical requirements for protecting sensitive information.

2. Complete Server Registration Form

To register your server you must visit the server registration page and complete the online form identified on that page. You will be required to log in with Campus ID and password and the form will request that you provide information concerning the server details and responsibilities in the security and administration of this server. You may save and re-edit the registration form as often as required. What information do I need to provide on the Server Registration form?

Return to Top

Server Review

Once you have submitted the registration form, your registration will be reviewed. If you have requested Internet access to a webserver, for instance, the IP address of the server will be allowed access from the Internet. If the server contains protected or sensitive data, you will be contacted by CaTS to review your server configuration and processes for compliance. The primary focus of the review is appropriate protection for data and access control. CaTS assumes that the responsible administrators and support personnel identified in the server registration, will plan and implement security recommendations in a reasonable timeframe.

On-going Follow-up

Internet attacks and hacking incidents will continue to increase and the University will alter and adjust the university security strategy accordingly. On a yearly basis you will be asked to complete a survey with current information on your server(s).

Network Strategy

Wright State University's current network access model is based on the most restrictive model or the default deny rule. Default deny means that all traffic is denied, with the exception of what is explicitly allowed. This means that by default, all incoming connections are denied to each computer on our network. The server registration program provides a mechanism to allow the traffic in to specific servers as required for business and academic functions.

 

Return to Top

 

 

 

 

 

 

 

 

 

 
Page Divider.
Computing and Telecomm Services
025 Library Annex
Wright State University
3640 Colonel Glenn Hwy.
Dayton, OH 45435-0001
(937) 775-4827, 1-888-775-4827
helpdesk@wright.edu
green bar
[ CaTS Home | Help Desk | Wright State Home ]
green bar
Copyright Information © 2002 | Accessibility Information
Last updated Wed. Jun-11-08, 14:00, by the WSU Web Team (ajc).
Please send comments to the Help Desk.