H&S Server Policies

Policy: College servers and web accessibility / security
Date Adopted: 7/17/2015
Date Last Revised: 8/19/2015

Purpose

To align College practices on the use of departmental web servers with campus policies and best practices.

Policy

  1. The College (Griztech and Spectral Fusion Design employees) maintains secure servers that are intended to serve the web needs of all departments. However, we recognize that there may be a need for certain departments to control their own server if they have specialized needs.
  2. Even if content is maintained on departmental servers, it must be available in accessible formats just the same as if it were maintained on a central IT or College server. Accessibility is determined by the Central IT Office of Accessibility and any server hosting web content will be monitored by that office for compliance. Failure to meet compliance or adjust to requested changes to meet compliance will result in the shut down and/or removal of the server.
  3. Because security and data management needs cannot be fully predicted, any server maintained by a department must be set up with access for GrizTech and Spectral Fusion Design employees. This is necessary as a fail-safe provision in case there is a data security breach or some essential maintenance that is required when departmental staff are unavailable.
  4. If a department within the College maintains its own server(s), then responsibility for any breach of data security (and the financial consequences therefor) rests with the department unless there is a campus-wide breach that can be reasonably shown to be the responsibility of campus IT.