Data centers, offices, or other facilities that house data systems and data storage, workstations, and other computing devices will be protected from unauthorized physical access, as well as natural and environmental threats that may compromise confidentiality, integrity and availability. Standards established by the Information Security Unit of Computer services will be used for protection. Each unit within the University has the responsibility to ensure physical security for their areas and can best accomplish this by following the best practices set forth in these standards. Access logs will be maintained according to the data retention standards set by the University and government regulation.
Reason or Purpose for Policy
Protecting data is just one layer of defense against intruders. Access must be limited to only those who are authorized to physically use the devices. Physical security is the foundation layer of protecting information systems and data. University units must be vigilant in this area and understand how to best protect University physical and intellectual property.
Entities Affected by this Policy
All entities contained in or under the direction of the Missouri State University system.
Line of Authority
- Responsible Administrator and Office: Chief Information Officer (CIO)
- Contact Person in that Office: Information Security Officer (ISO)