MenuSearchA-ZSeven Schools One University

Menu

Close Menu
Info For
Resources
Seven Schools One University

A–Z

Close Menu

IT Server Security Standard

This standard establishes a framework for ensuring that servers deployed within UMB’s campus are managed in a secure and predictable fashion.  It is the responsibility of UMB network managers to protect and maintain the security of the networks they are charged with managing.  System administrators are obliged to prevent trespassers from corrupting or misusing any segment of the enterprise network.  Listed below are recommended standards to be followed by system administrators where technically feasible.

Scope

UMB is a distributed environment with corresponding local responsibilities. Support for campus enterprise applications is managed centrally.  This security standard is recommended for all server resources within the physical area of the UMB campus and all users who access those resources. It pertains especially to those resources that support vital business functions and that maintain confidential, personal, or protected information.

Standard(s)

To maximize the security of the network server environment, the system administrator, where feasible:

  1. Maintains physical access controls
  2. Requires that administrator level passwords are a minimum of 8 characters long
  3. Prevents the reuse of passwords over a 6 month period
  4. Enforces password expiration at least every six months
  5. Ensures that users have unique and separate server accounts
  6. Uses antivirus software to ensure that files saved to servers are not infected
  7. Recommends the use of antivirus software if the system supports email
  8. Ensures that the primary administrator account is the only account with access to all files
  9. Ensures that any new data copied onto a server is done in a fashion that logs the transaction/transfer
  10. Ensures that only approved and licensed software is installed on the server
  11. Provides the capability to log all confidential file access
  12. Reviews activity logs for suspicious activity
  13. Uses authentication between servers, as well as client and server, when transferring confidential data
  14. Performs incremental backup on a daily basis
  15. Performs full server backups at least weekly
  16. Produces archival backup copies at least monthly
  17. Stores backup copies of critical enterprise systems in a protected, off-site facility

Help Desk

Contact

601 W. Lombard St.
Suite 540
Baltimore, MD 21201

410-706-4357 help@umaryland.edu

Office Hours:

Weekdays
8 a.m. to 5:30 p.m.

CITS STAFF RESOURCES

The University of Maryland, Baltimore is the founding campus of the University System of Maryland.

620 W. Lexington St., Baltimore, MD
21201 | 410-706-3100

The University of Maryland, Baltimore prohibits sex discrimination in any education program or activity that it operates. Individuals may report concerns or questions to the Title IX Coordinator. Read the UMB Notice of Non-Discrimination.
© 2024-2025 University of Maryland, Baltimore. All rights reserved.