Re: Organizations residing on campus

["Drews, Jane E" <jane-drews () UIOWA EDU>]

Mandi,

We have a few non-university organizations that operate on our campus.  If
they get network service, we require completion of a SLA (service level
agreement).  It is used for two purposes.  The first is to provide contact
information/procedures (both sides) in the event of a problem such as
network outage or a security event involving them.   The second is to
clearly state and agree that responsibility for security of their devices
rests with them.  (We will provide basic network service, but *NO* security
services, and accept no responsibility for regulatory compliance.)

 

Jane Drews

Univ of Iowa

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mandi Witkovsky
Sent: Thursday, October 13, 2016 9:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Organizations residing on campus

 

We have several non-university entities (non-profit organizations) who have
space to operate on campus.  Most of the time, all we provide is phones and
internet access, but sometimes it gets hairy when the org wants to run
servers on premise.  Does anyone have published standards or guidelines that
they give to these types of entities so they know what is allowed, and what
expectations for security, and what the expectations are on both sides?

 

Thanks,

mandi

Attachment: smime.p7s
Description: