Educause Security Discussion mailing list archives
Re: Physical Security - How many IT Departments have Restricted Access?
From: "Rizzo, Jim" <JRIZZO () PROVIDENCE EDU>
Date: Fri, 7 Nov 2008 22:45:59 -0500
Our server room is behind 2 doors that require card swipe. Not everyone who can get through the first can get through the second. Other than that, we don't deal with a whole lot of private data. Other departments don't have quite as much physical security. Jim -- Jim Rizzo Helpdesk Manager Providence College (401) 865-1277 jrizzo () providence edu AIM: JRizzoPC http://itweb.providence.edu/helpdesk http://selfhelp.providence.edu ________________________________ From: The EDUCAUSE Security Constituent Group Listserv on behalf of Clark, Sean Sent: Fri 11/7/2008 5:22 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Physical Security - How many IT Departments have Restricted Access? Greetings, all. I am new to the Educause Security list and I hope that I am posting this question to the right list. I am the manager of a newly created IT Security group at a university and I have a question for other IT professionals on this list. There has been a recent initiative that was been proposed by one of our upper management people to unlock the front doors of our IT department during business hours, in order to be more customer friendly and not make people who visit our offices feel that they are not trusted. Background: We've had ingress to the IT department offices restricted by badge access for many years. Within the offices there is a server room that has separately-keyed badge access (representing two layers of physical security). While I acknowledge that there is a negative impact to convenience that is associated with restricting access to IT services premises, I have been making the argument that unlocking the doors would increase the risk to: 1) unsecured hardware that may contain private data (mostly customer/user systems that are being repaired by workstation support) 2) the workstations of multiple admins who are using elevated accounts to access to switches, routers and servers with private data on them 3) a variety of laptops, PDAs and other portable devices, owned by the IT department and our customers 4) one less layer of physical security protecting our server room I'd like to hear back from IT professionals at other universities, to see where our department sits in comparison to the norm: is access to your IT department restricted? If so, how is that access restricted? If your department is not physically secured, what kinds of problems have you run into? Thanks, in advance, for any thoughts/suggestions that you are willing to share. Sean
Current thread:
- Physical Security - How many IT Departments have Restricted Access? Clark, Sean (Nov 07)
- <Possible follow-ups>
- Re: Physical Security - How many IT Departments have Restricted Access? Basgen, Brian (Nov 07)
- Re: Physical Security - How many IT Departments have Restricted Access? Ken Connelly (Nov 07)
- Re: Physical Security - How many IT Departments have Restricted Access? Rizzo, Jim (Nov 07)
- Re: Physical Security - How many IT Departments have Restricted Access? Peters, Kevin (Nov 08)
- Re: Physical Security - How many IT Departments have Restricted Access? Clark, Sean (Nov 09)
- Re: Physical Security - How many IT Departments have Restricted Access? Russell Fulton (Nov 09)
- Re: Physical Security - How many IT Departments have Restricted Access? Theresa Rowe (Nov 10)