Category | Information & Communications Technology |
---|---|
Type | Policy |
Approved by | Vice-Chancellor, August 2009 |
Date Policy Took Effect | 27 August 2009 |
Last approved revision | 30 June 2011 |
Sponsor | Director, Information Technology Services |
Responsible officer | Manager Information Security |
Purpose
This Policy underpins a security procedure for University computers that have access to the Internet. This policy limits unrequested access to computers from off-campus by not permitting full access to servers unless authorised by the Manager Network Services.
Servers, with all services registered, increase the likelihood of system attack and compromise. It also allows attackers to install backdoors that are accessible from the Internet for continued control of the system in the event of a compromise.
Organisational scope
This Policy applies University-wide.
Definitions
- ITS
- Information Technology Services
- System Administrator
- in the context of this Policy, the person responsible for the management and upkeep of a server.
Content
1. Policy
- The University has implemented a security procedure for University computers that have access to the Internet.
- Full access servers are not generally permitted.
- System Administrators are required to register their servers only for relevant Internet services.
- Any full access server must be authorised by the Network Services Group, ITS.