Departmental Server Policy and Procedures Guide

Background

The proliferation of the client-server-computing model has resulted in an increasing amount of decentralization of computing. This decentralization has served to put more computing power and flexibility in the control of departments for the betterment of students and faculty. However, it also poses a challenge to the coordination of systems (some considered mission-critical) across many different departments. An institutional policy concerning server systems and the users of those systems is intended to maintain consistency, assure availability, facilitate disaster-recovery, coordinate technical operations and apply sound management practices consistently throughout the institution.

Server Systems

1. Each server shall have a designated departmental sponsor who is the primary point of contact. ITS shall designate a technical support contact person for each server.
2. The purpose(s) of the server shall integrate with the overall campus network and server design.
3. The purpose of a server should be documented by the designated sponsor and ITS technical support contact and kept current by the sponsor to reflect any changes.
   Server documentation should include the sponsor, backup procedure, root-privileged users, disaster recovery plan and purpose(s) of the server. This documentation and these policies will represent a "contract" between the department and ITS. Sign-off by department chairs and ITS Director will be required to complete the documentation and thus, the "contract".
4. Proposed changes to the server configuration or purpose should be coordinated with ITS Operations through the departmental sponsor and ITS technical support contact. Such changes shall be communicated and coordinated with ITS in advance of additions or changes to the configuration.
5. Each server will have a backup and disaster recovery plan developed by the departmental sponsor and ITS technical support contact. This plan must be completed at implementation time and is a part of the overall server documentation.
6. "Root" access to servers must be established for ITS support staff use. This may be in the form of a single, shared user account.
7. To provide a consistent mailing address to the public, e-mail should be obtained and distributed from the campus central mail node(s). This involves using the following address format when advertising mail addresses or configuring POP mail clients "reply to" address: username@mail.plymouth.edu
8. It is understood that e-mail will be forwarded to other departmental servers where it is actually read and responded to.
9. Public WWW visibility necessitates stability of HTTP servers. Creating public accessible URLs on a very stable top level server better provides information to the public while minimizing some demands on departmental servers. IT also serves to provide the public with a more complete view of the university when "surfing" the PSU web site. It is recognized that users who frequent information on departmental servers will establish the necessary bookmarks to expedite access.
10. This concept is analogous to the way in which electronic mail is managed and permits flexibility at the departmental server level while providing stability as seen from the public. This policy is not intended to prohibit or restrict access to departmental information servers but does strive to provide stability of access and coordination with other institutional resources.
11. It is the intent of ITS to facilitate the ability of users to create CGI scripts and other server programs. ITS recognizes that access to script directories and programming resources can be a security risk.
    
    On the central servers, access to server script directors and resources must be coordinated with the ITS staff. Students will be allowed access to production system resources under the close supervision of a faculty sponsor and ITS staff.
    
    On departmental systems, the ability of users to access server script directories and resources is at the discretion of the department.

User Accounts

1. User accounts on servers should be the same name from server to server and equate to the user name on the OZ central server system. Usernames are of the general form first initial and lastname. Accounts not named in this fashion must be documented in the overall server documentation so as to identify the person responsible for the account and its intended use. No anonymous accounts are permitted.
2. All guest accounts will have an assigned faculty or staff sponsor. Guest accounts are to be documented and made available to ITS. This documentation should indicate the name and contact information of the user in addition to the faculty sponsor. The documentation should also indicate the purpose, privileges, and duration of planned use.
3. It is the intent of ITS to develop a common account creation tool for the creation of user accounts. This common tool would maintain a central database of users accounts, names, purpose of the account and expiration date among other data items.
4. User accounts on departmental servers shall be subject to institutional "appropriate use" policies as the central systems.

Fatal error: Call to undefined function Footer() in /web/pscpages/infotech/policy/PSU/server.html on line 95