ARIT Virtual Infrastructure Policies

  • Designated admin is responsible for maintaining security and configuration of their system(s).
  • If the designated admin leaves, we should be notified of his/her replacement.
  • Admin must be available during work hours to resolve issues that may arrive from their server(s).
  • Servers must not be known to have security issues when being brought into the ARIT infrastructure. Resolving the issues must be done by the designated admin beforehand.
  • If a server is compromised, it may be taken offline until the admin can resolve the issue.
  • PI data must be disclosed prior to moving to the ARIT Infrastructure and will need to conform to the UCOP BUS-80 policy (http://policy.ucop.edu/doc/3520504/BFB-BUS-80).
  • Servers must be able to be updated on a regular basis. If the admin would like to patch themselves, that is fine, but if not done in a reasonable amount of time, we will apply them.
  • Passwords on accounts should be at least 17 characters on Windows Servers. Service accounts should be limited to only the scope they need.
  • Servers, without the written consent of the UC, cannot be used for personal use, advertising, or any other monetary gain.
  • Windows Server 2003 and previous versions are no longer supported.