Topics Map > Service Catalog > DataCenter Services
Topics Map > Service Catalog > Accounts, passwords and security services > System Security

Non-LIT server requirements

Learning and Information Technology Services (LIT) will provide public facing IP addresses and DNS entries for department hosted servers. The UW-Stout CIO is responsible for the security of all IT resources on campus. Due to this responsibility all servers must adhere to campus, system and BOR policies.

  • The data stored must be classified in accordance with UW System Policy 1031 and have a discussion with the UW -Stout Information Security Officer to clarify the type of data being stored and how it is classified.  See UW Stout's Data Classification administrative procedure.  
  • The department hosted server must be in compliance with all UW-System, UW-Stout, and other applicable policies and laws. https://www.wisconsin.edu/uw-policies/uw-system-administrative-policies/
    • Examples include:
    • Authentication 
    • Firewalls
    • Encryption in transit and at rest
    • Copyrights
  • Server owners must maintain operating systems to the latest patch level and still supported by the developer.
  • Server owners must maintain patch levels of all software and respond timely to critical vulnerabilities identified by the software developer or made available by national clearinghouses of critical vulnerabilities.
  • Server owners must provide detailed configuration settings and other details to verify compliance.
LIT maintains the right to monitor traffic to and from the server and to scan the server for vulnerabilities.  If vulnerabilities are discovered through monitoring or scanning, the owner will be notified and will then need to promptly patch the server.   LIT reserves the right to block access to the server at their discretion when a severe risk to the campus is identified or when a server is interrupting core services.  LIT will do it's best to work with departments to identify issues and working through them, but LIT will at times be required to take unilateral actions to keep the campus secure.  These are the same standards that LIT is expected to also follow. 



Keywords:buy server   Doc ID:81765
Owner:Dan D.Group:UW Stout
Created:2018-04-20 13:32 CDTUpdated:2018-04-23 08:40 CDT
Sites:UW Stout
Feedback:  0   0