home Future Students Current Students Faculty and Staff Business and Community Online Courses
 
Data Center Standard

 

Purpose

The purpose of this document is to communicate the standards and procedures for accessing and using the MCC data centers. These standards and procedures are in place to provide a standard for usage, to ensure physical security of MCC critical systems, and to comply with regulations, state and federal laws.

Scope

This document applies to employees and non-employees associated with MCC who require access to the MCC data centers, and applies to all members of the authorized user-community: all College employees, students, authorized contracts, guests, and members of the Board of Governors.  

 

General

  1. Employees or Contractors Requiring Access

The data center is a restricted area; only authorized individuals may enter this area. Access will only be granted to individuals that have a business requirement to be in the data center and have the approval of the Director of IT Network Services. This area may only be entered to conduct authorized college business. Anyone without authorization for the data center is considered a visitor.

Temporary suspension of these rules only applies in emergency situations if it becomes necessary to provide emergency access to medical, fire, and/or police officials.

  1. Visitor

Individuals which need infrequent access to the data center which is defined as less than 20 days per year will not be granted access via an access keycard. The visitor must be escorted at all times while in the data center by an authorized individual. The escort (authorized individual) is responsible for having the visitor sign into the visitor log and signing that they are the escort for the visitor, and giving the visitor a visitor badge in which the escort has written the date the badge is valid. The visitor badge must be visible at all times. The escort must ask the visitor to surrender the badge before leaving the facility. Visitor logs must be maintained for three months.

  1. Audit Procedures

Access review and verification will be conducted quarterly and reviewed by management. If an individual no longer has a business requirement to access the data center their access will be revoked. 

 

  1. General Cleanliness

The data center is not to be used as a storage area. When installing equipment throw away or remove cardboard and packaging materials. Keep aisles clear of tools and carts for safe evacuation routes. Food and drinks are not permitted in the data center.

  1. Cable Request and Standards

To request cable installations contact the help desk to generate a ticket for the Network team.  The network team will install the cable to the standard, using category 6 cables or fiber, utilizing cable trays between cabinets, and organizing cables in the cabinets to ensure ease of troubleshooting and maintenance. 

  1. Closed-Circuit Television (CCTV)

The FOC Data Center doors are monitored by cameras and the video must be maintained for 90 days. The network security engineer and public safety monitor the data center remotely.

  1. Tours

Data Center tours must be approved by a member of the IT Security Steering committee, visitors must be escorted at all times.

  1. Data Center Equipment Changes

A Data Center Equipment change must follow the change request process and have a Request for Change (RFC) form completed for all equipment installations or removals and must be approved

  1. Data Center Doors

Doors to the data center must remain locked at all times. When the door needs to be open for the transfer of equipment or supplies or for air flow into the data center the door must be supervised by a person with approved access to the area. DO NOT leave doors propped open and unsupervised

Version

Date

Approver

Change Description

1.0

8/15/2011

Information Security Steering Committee

Initial construction

2.0 8/13/2012 Information Security Steering Committee Revision

 

Back to Technology Procedures

Top

 
 
 
Contact Us