IT Knowledge - ITS-PE-5: Access Control for Output Devices

Purpose

This Control sets the requirements which govern physical access to Data Center output devices.

Scope

This Control applies to Staff, Faculty, visitors, contractors, and any requiring access to the University of Chicago Enterprise Data Centers. The scope includes:

Controls to output devices

The process offers the following Enterprise Data Centers NIST level unless otherwise specified below:

1155 – Moderate
Hinds – Low
POD-A – Moderate
POD-B - Moderate
POD-C - Moderate

Policy

All Users, authorized or unauthorized, must comply with these requirements.
Output devices will be limited to authorized users.
Vendor, repair contractors, or other unauthorized users will use output devices only when monitored by those with Authorized Data Center Access.

Process

Output Devices

No KVM trays will be installed in 1155, POD-A, POD-B, or POD-C.
- System requiring KVM access will be via crash carts in each Data Center.
- When system access is completed the crash cart is to be removed and returned to its assigned staging location.
No printers, fax machines, or other physical output devices will be allowed in the Enterprise Data Centers.

Responsibilities

Listed below are the individuals involved with this PROCESS and the major scope of their responsibility:

Executive Director for Enterprise Applications and Services
- Support Access Control for Output Devices
Director Data Center Strategy & Operations
- Implement Access Control for Output Devices
Command Center
- Implement Access Control for Output Devices
ITS Data Center Governance
- Approve Access Control for Output Devices

Process Review and Approval

Management will perform an annual review of this process. Based on the review, management may change this process to reflect its intentions and compliance requirements. Both IT Services and business users will be informed of any changes to this process and will be provided with a revised process.

ITS-PE-5: Access Control for Output Devices