Schools, Colleges, Departments or individuals that have implemented servers must ensure the servers meet the following standards:

  • Operating system must be be patched according to patching guidelines
  • Servers must be installed in an established server (not client) network
  • Servers must be configured to utilize a host or network firewall
  • Servers must be configured emit logs to a dedicated log collection server
  • Vulnerability scans must be scheduled to run and be reviewed at least monthly
  • All unnecessary services must be disabled
  • There must be an assigned professional IT staff person communicated to the Information Security Office (

Related Documentation


Acceptable Use Policy


link IT risk management guidelines


link to IT Definigtions