Data Center Visitor Log Policy for Rockhurst University
Policy Statement:
Rockhurst University (the "University") is committed to maintaining the security and integrity of its data center. This policy establishes the requirement for maintaining a visitor log for anyone entering the data center. The purpose of this policy is to enhance security measures, monitor access, and ensure accountability within the data center facility.
Scope:
This policy applies to all individuals, including employees, contractors, vendors, and visitors, who require access to the University's data center.
Policy Guidelines:
Access Control:
- Access to the data center is restricted to authorized personnel only.
- All visitors must obtain prior approval and be escorted by an authorized staff member.
- Visitors must adhere to the data center's rules and regulations during their visit.
Visitor Log:
- A visitor log shall be maintained for all individuals entering the data center.
- The log should capture the following information:
- Visitor's full name
- Visitor's affiliation or organization
- Date and time of entry and exit
- Purpose of visit
- Authorized staff member escorting the visitor
- The log should be legible, accurate, and stored securely.
- Entries must be made in real-time, immediately upon entry or exit from the data center.
Visitor Check-In Process:
- Prior to entering the data center, visitors must check in at the designated security checkpoint.
- Visitors must present a valid identification document (e.g., driver's license, passport, or university ID) to the security personnel.
- The security personnel will verify the visitor's identity and cross-check against the approved access list.
- Once verified, the visitor will be provided with a visitor badge or pass to be visibly worn at all times while inside the data center.
Escort Requirement:
- Visitors must be escorted at all times by an authorized staff member.
- The authorized staff member is responsible for monitoring the visitor's activities, ensuring compliance with data center policies, and answering any questions the visitor may have.
Data Center Rules and Regulations:
- Visitors must adhere to the data center's rules and regulations, which may include, but are not limited to:
- Prohibition of food, beverages, or smoking inside the data center.
- ii. Requirement to maintain a quiet and professional environment.
- iii. Restriction on accessing or tampering with equipment, cables, or other data center infrastructure.
- iv. Compliance with any additional security measures, such as biometric access controls or video surveillance.
Record Retention:
- Visitor logs must be retained for a minimum period of two years, as specified by applicable legal, regulatory, or audit requirements.
- After the retention period, the logs should be securely destroyed to protect the privacy and security of visitor information.
Policy Compliance:
Non-compliance with this policy may result in disciplinary action, up to and including termination of employment or legal action, depending on the severity and frequency of the violation. The University reserves the right to revoke visitor access privileges to the data center at any time and for any reason.
Policy Maintenance:
Rockhurst Computer Services is responsible for the maintenance, review, and interpretation of this policy. Any suggested changes or concerns related to this policy should be directed to the Rockhurst Computer Services.
Last Review Date
06/28/2024