Non-LIT server requirements

Learning and Information Technology Services (LIT) will provide public facing IP addresses and DNS entries for department hosted servers. The UW-Stout CIO is responsible for the security of all IT resources on campus. Due to this responsibility all servers must adhere to campus, system and BOR policies.

• The data stored must be classified in accordance with UW System Policy 1031 and discussed with the UW -Stout Information Security Officer to clarify the type of data being stored and how it is classified.  See UW Stout's Data Classification administrative procedure.  
• The department hosted server must be in compliance with all UW-System, UW-Stout, and other applicable policies and laws. A list of UW-System policies can be found at https://www.wisconsin.edu/uw-policies/uw-system-administrative-policies/
• Examples include:
• Authentication 
• Firewalls
• Encryption in transit and at rest
• Copyrights
• Server owners must maintain operating systems to the latest patch level and the operating system must be supported by the developer.
• Server owners must maintain patch levels of all software and respond in a timely manner to critical vulnerabilities identified by the software developer or made available by national clearinghouses.
• Server owners must provide detailed configuration settings and other details to verify compliance.