In order to prevent service disruptions or loss of data integrity or confidentiality, access to physical areas in which sensitive equipment is located and/or where information is processed must be controlled.

Policy Statement

In order to prevent service disruptions or loss of data integrity or confidentiality, access to physical areas in which sensitive equipment is located and/or where information is processed must be controlled.

Reason for Policy

The purpose of this policy is to establish the rules for the granting, controlling, monitoring and removal of physical access to Information Resource facilities.

Who Is Governed by this Policy

All end-user and application management accounts on computerized information systems operated by or on behalf of Adelphi University.

Policy

  1. Based on criticality of IT resources and/or the sensitivity of information being processed, the Information Security Officer may designate certain areas to be secure IT areas.
  2. Unsupervised access to secure IT areas is limited to qualified Adelphi IT personnel who have a need to work in those areas.
  3. Visitors must announce their presence to Adelphi IT personnel upon entering a secure IT area.
  4. While present in secure IT areas, visitors must be escorted at all times by qualified Adelphi IT personnel.
  5. Unannounced and unescorted access to secure IT areas by visitors is permitted in cases where urgent maintenance needs to be performed and/or in case of other emergencies. The visitor must inform Adelphi IT of his/her presence as soon as reasonably possible after access has been obtained.

Enforcement

Investigations into alleged violation of this policy will be coordinated by the Information Security Officer. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Violations of this policy by students will be addressed through the Student Disciplinary Process. Violations by external service providers will be assessed on case-by-case basis, and may lead to revocation of the AU work permit, fines, or by other means as designated within contracts.

Deviation from Policy

Deviations from this policy may be granted by the Information Security Officer. Requests for deviations must be submitted in writing through the regular work order process.

Definitions

Qualified Adelphi IT Personnel: Office of Information Technology personnel who have been instructed in certain protocols to ensure that disruption of processing is limit as much as possible.

Visitor: Any non-qualified Adelphi IT personnel, non-Adelphi IT personnel, or external service providers with a need to access a restricted area.

Forms

This policy does not have forms associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Related Information

This policy does not have related information at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Document History

  • Last Reviewed Date: March 30, 2023
  • Last Revised Date: September 01, 2017
  • Policy Origination Date: December 16, 2009

Who Approved This Policy

Carol Ann Boyle, Chief Information Officer

Policy Owner

Secondary Contacts

Search Menu