Schools, Colleges, Departments or individuals that have implemented servers must ensure the servers meet the following standards:

  • Operating system must be be patched according to patching guidelines
  • Servers must be installed in an established server (not client) network
  • Servers must be configured to utilize a host or network firewall
  • Servers must be configured emit logs to a dedicated log collection server
  • Vulnerability scans must be scheduled to run and be reviewed at least monthly
  • All unnecessary services must be disabled
  • There must be an assigned professional IT staff person communicated to the Information Security Office (security@uconn.edu)

Related Documentation

Policies

Acceptable Use Policy

Guidelines

link IT risk management guidelines

References

link to IT Definigtions